The infamous cybercrime group ShinyHunters claimed to have hacked Oracle PeopleSoft servers at greater than 100 organizations, a lot of them universities, a ShinyHunters member instructed TechCrunch on Wednesday. The breaches have been first reported by BleepingComputer.
PeopleSoft is enterprise software program designed to handle payroll, human sources, administration, and different enterprise operations.
The information exhibits that regardless of being probably the most seen and prolific cybercrime teams in the intervening time, ShinyHunters isn’t slowing down and has turned mass hacks into its specialty. The group’s modus operandi is to discover a vulnerability in a well-liked piece of software program in order that they will compromise many victims directly.
“Scholar, applicant, monetary support, immigration, well being, and administrative information has been exfiltrated,” learn a message that the hacker stated was despatched to one of many victims. The hackers claimed to have stolen scholar information that embody residence addresses, telephone numbers, emails, and dates of beginning.
The hacker added that a lot of the focused colleges had already been compromised in earlier, unrelated campaigns.
The group’s unique objective, the member stated, was to compromise an FBI PeopleSoft server — the objective being to submit an announcement denying ShinyHunters was behind a wave of swatting makes an attempt the FBI flagged in an alert final month. The member stated that try failed.
Oracle didn’t reply to a request for remark.
