ShinyHunters claims – A ShinyHunters member says the group hacked Oracle PeopleSoft servers at more than 100 organizations, many of them universities, and exfiltrated student and administrative data, including home addresses and dates of birth.
By the time students are looking for answers, the message already has the power to unsettle their lives. A ShinyHunters member told TechCrunch on Wednesday that the group has hacked Oracle PeopleSoft servers at more than 100 organizations, many of them universities.
PeopleSoft is enterprise software used to manage payroll, human resources, administration, and other business operations. In the latest claim, the attacker’s wording didn’t read like a vague threat—it pointed to personal details.
“Student, applicant, financial aid, immigration, health, and administrative data has been exfiltrated,” the hacker said was written in a message sent to one of the victims. The hackers also claimed to have stolen student records that include home addresses, phone numbers, emails, and dates of birth.
What’s even more chilling for institutions trying to understand how deep the damage goes is the timing the hacker described. The member said most of the targeted schools had already been compromised in earlier, unrelated campaigns.
The breach claims follow a broader pattern that ShinyHunters has become known for: moving from a vulnerability in widely used software to mass compromise. The member described a “modus operandi” built around finding a flaw in popular systems so the group can hit many victims at once.
There’s another layer to this story, too. The member said the group’s original goal was to compromise an FBI PeopleSoft server. with the intent of posting a statement denying that ShinyHunters was behind a wave of swatting attempts the FBI flagged in an alert last month. According to the member, that attempt failed.
Oracle did not respond to a request for comment.
Taken together. the claims put universities—institutions that already sit at the center of personal and administrative data—back in the crosshairs. If even part of the reported scope is accurate. the real impact won’t be confined to a single system downtime window. It lands in identities: addresses. contact details. and dates of birth that can be used long after a breach headline disappears.
ShinyHunters Oracle PeopleSoft PeopleSoft breach universities cyberattack student data exfiltration swatting FBI cybersecurity
So they hacked PeopleSoft… but why is my school still emailing us about parking like nothing happened?
I don’t even know what PeopleSoft is but if they got home addresses and DOBs then that’s not just “cyber” anymore. Sounds like identity theft waiting to happen.
Wait they said they tried to get an FBI PeopleSoft server first? So basically the FBI got hacked and now they’re acting like it was swatting? Feels like everybody’s just covering for each other.
This is why I don’t trust colleges with any of my info. If my birthday and address leaked I’m moving states lol. Also “Oracle didn’t respond” like… that’s not a good look. I saw someone say universities “weren’t impacted” but I mean come on, 100+ schools right?