The infamous cybercrime group ShinyHunters claimed to have hacked Oracle PeopleSoft servers at greater than 100 organizations, a lot of them universities, a ShinyHunters member advised TechCrunch on Wednesday. The breaches had been first reported by BleepingComputer.
PeopleSoft is enterprise software program designed to handle payroll, human sources, administration, and different enterprise operations.
The information reveals that regardless of being one of the seen and prolific cybercrime teams in the mean time, ShinyHunters will not be slowing down and has turned mass hacks into its specialty. The group’s modus operandi is to discover a vulnerability in a preferred piece of software program in order that they will compromise many victims without delay.
“Pupil, applicant, monetary support, immigration, well being, and administrative information has been exfiltrated,” learn a message that the hacker stated was despatched to one of many victims. The hackers claimed to have stolen scholar information that embrace dwelling addresses, cellphone numbers, emails, and dates of delivery.
The hacker added that a lot of the focused faculties had already been compromised in earlier, unrelated campaigns.
The group’s authentic purpose, the member stated, was to compromise an FBI PeopleSoft server — the purpose being to put up an announcement denying ShinyHunters was behind a wave of swatting makes an attempt the FBI flagged in an alert final month. The member stated that try failed.
Oracle didn’t reply to a request for remark.
