Nissan is investigating a cybersecurity incident that may have exposed the personal information of current and former employees following an attack linked to a vulnerability in Oracle’s PeopleSoft software.
The automaker said Oracle informed it that cybercriminals had targeted PeopleSoft systems used by multiple organisations and later confirmed that Nissan was among those affected. The software is used by Nissan Americas to manage employee records, including payroll, tax administration and other HR-related functions.
The company said its investigation is ongoing and the full extent of the breach has not yet been determined. However, the compromised data may include employee names, contact details, bank account information, tax records, government-issued identification numbers, and information relating to dependants and beneficiaries.
According to the company, the incident could affect current and former employees in the US, Canada, Mexico and Brazil.
In response, Nissan has activated its incident- response procedures, engaged external cybersecurity experts and secured the affected systems. The company is also working closely with Oracle to determine the scope of the breach and assess its impact.
As an added precaution, Nissan has tightened access to payroll-related services. Employees can now view electronic payslips or update direct deposit information only through company-managed networks or secure virtual private network (VPN) connections. The company has also introduced enhanced identity verification measures before processing payroll-related requests. Employees confirmed to be impacted will be notified individually.
The incident comes amid wider concerns over cyberattacks targeting Oracle PeopleSoft systems. Security researchers recently disclosed that attackers exploited a previously unknown vulnerability, identified as CVE-2026-35273, to steal sensitive data from organisations. Cybersecurity firm Mandiant believes the flaw was actively exploited before Oracle released emergency security updates.
The attacks have reportedly been linked to the cyber extortion group ShinyHunters, which has claimed responsibility for compromising hundreds of Oracle PeopleSoft servers across multiple organisations. The incident underscores the growing cybersecurity risks facing HR systems that store sensitive employee information.



