The infamous cybercrime group ShinyHunters claimed to have hacked Oracle PeopleSoft servers at greater than 100 organizations, lots of them universities, a ShinyHunters member advised TechCrunch on Wednesday. The breaches have been first reported by BleepingComputer.
PeopleSoft is enterprise software program designed to handle payroll, human sources, administration, and different enterprise operations.
The information exhibits that regardless of being some of the seen and prolific cybercrime teams in the meanwhile, ShinyHunters is just not slowing down and has turned mass hacks into its specialty. The group’s modus operandi is to discover a vulnerability in a preferred piece of software program in order that they’ll compromise many victims without delay.
“Scholar, applicant, monetary assist, immigration, well being, and administrative knowledge has been exfiltrated,” learn a message that the hacker stated was despatched to one of many victims. The hackers claimed to have stolen scholar information that embrace dwelling addresses, telephone numbers, emails, and dates of beginning.
The hacker added that a lot of the focused faculties had already been compromised in earlier, unrelated campaigns.
The group’s authentic objective, the member stated, was to compromise an FBI PeopleSoft server — the objective being to publish a press release denying ShinyHunters was behind a wave of swatting makes an attempt the FBI flagged in an alert final month. The member stated that try failed.
Oracle didn’t reply to a request for remark.
