Nissan North America Reports Data Breach via Oracle PeopleSoft Exploit
Nissan North America has disclosed a data breach involving unauthorized access to its Oracle PeopleSoft system, which manages employee records. The company confirmed it was among multiple organizations targeted in a cyberattack on the platform.
An investigation is ongoing, but Nissan believes the breach may have exposed sensitive personal and financial data, including:
- Contact information
- Banking details
- Social Security, Social Insurance, and National Identification numbers
- Financial and tax records
- Dependent and beneficiary information
The incident affects both current and former employees, who are being notified as the investigation progresses. While the exact timeline and scope remain under review, the breach highlights vulnerabilities in third-party HR management systems and the potential for widespread exposure of employee data.
Legal teams are examining the incident to determine whether a class action lawsuit could be filed on behalf of affected individuals, though no formal action has been initiated at this time. The breach underscores the risks of supply chain attacks targeting enterprise software providers.
Source: https://www.classaction.org/data-breach-lawsuits/nissan-north-america-june-2026
Oracle Cloud HCM cybersecurity rating report: https://www.rankiteo.com/company/oraclecloudhcm
"id": "ORA1782556111",
"linkid": "oraclecloudhcm",
"type": "Vulnerability",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Current and former employees',
'industry': 'Automotive',
'location': 'North America',
'name': 'Nissan North America',
'type': 'Corporation'}],
'attack_vector': 'Third-party software exploit',
'customer_advisories': 'Notifications to affected individuals',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Contact information',
'Banking details',
'Social Security numbers',
'Social Insurance numbers',
'National Identification numbers',
'Financial and tax records',
'Dependent and beneficiary '
'information']},
'description': 'Nissan North America has disclosed a data breach involving '
'unauthorized access to its Oracle PeopleSoft system, which '
'manages employee records. The company confirmed it was among '
'multiple organizations targeted in a cyberattack on the '
'platform. The breach may have exposed sensitive personal and '
'financial data, including contact information, banking '
'details, Social Security numbers, and financial records.',
'impact': {'brand_reputation_impact': 'Potential reputational damage',
'data_compromised': 'Sensitive personal and financial data',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential class action lawsuit',
'payment_information_risk': 'High',
'systems_affected': 'Oracle PeopleSoft HR management system'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'root_causes': 'Vulnerabilities in third-party HR '
'management systems'},
'references': [{'source': 'Nissan North America Disclosure'}],
'regulatory_compliance': {'legal_actions': 'Potential class action lawsuit'},
'response': {'communication_strategy': 'Notifications to affected '
'individuals'},
'title': 'Nissan North America Data Breach via Oracle PeopleSoft Exploit',
'type': 'Data Breach',
'vulnerability_exploited': 'Oracle PeopleSoft vulnerability'}