Notorious cybercrime group ShinyHunters claims to have hacked Oracle PeopleSoft servers at more than 100 organizations, many of which are universities, a member of ShinyHunters told TechCrunch on Wednesday. there were violations first reported By BleepingComputer.
PeopleSoft is enterprise software designed to manage payroll, human resources, administration, and other business operations.
The news shows that despite being one of the most visible and prolific cybercrime groups at the moment, ShinyHunters is not slowing down, and has turned large-scale hacks into their specialty. The group’s modus operandi is to find a vulnerability in a popular software so that they can compromise multiple victims at once.
“Student, applicant, financial aid, immigration, health and administrative data have been stolen,” the hacker said in a message. This message was sent to one of the victims. The hackers claimed to have stolen students’ records including home addresses, phone numbers, emails and dates of birth.
The hackers said most of the targeted schools had already been compromised, in unrelated campaigns.
The group’s original goal, the member said, was to compromise FBI PeopleSoft servers—the goal was to post a statement denying that ShinyHunters was behind a wave of attempted attacks on the FBI. Marked in a warning Last month. The member said that the attempt failed.
Oracle did not respond to a request for comment.
