- ShinyHunters says it has compromised Oracle PeopleSoft installations at over 100 entities.
On June 10, 2026 the group posted a claim on its public channel that it breached PeopleSoft servers belonging to a mix of universities and other institutions. The statement offered no technical details, timestamps, or proof beyond a single message asserting the scope of the intrusion. No affected organization has confirmed the allegation, and Oracle has not commented on the specific claim.
If true, the breach would expose data stored in PeopleSoft’s enterprise resource planning system, which many schools use for payroll, finance and student records. The claim arrives after a series of PeopleSoft vulnerabilities disclosed in 2024 and 2025, including a remote code execution flaw that forced several campuses to apply emergency patches. Even an unverified breach highlights the lingering risk of legacy ERP platforms that often lag behind modern security practices.
Until verifiable evidence surfaces, the story is another reminder that public claims by hacking groups should be treated with caution, especially when they involve widely deployed, older software stacks.