TechCrunch reports that ShinyHunters has claimed responsibility for hacking Oracle PeopleSoft servers at more than 100 organizations, many of them universities. The breaches, first reported by BleepingComputer involved:
“Student, applicant, financial aid, immigration, health, and administrative data has been exfiltrated,” read a message that the hacker said was sent to one of the victims. The hackers claimed to have stolen student records that include home addresses, phone numbers, emails, and dates of birth.
The hacker added that most of the targeted schools had already been compromised in earlier, unrelated campaigns.
One of the most curious comments in the reporting was ShinyHunters’ alleged motivation. TechCrunch reports:
The group’s original goal, the member said, was to compromise an FBI PeopleSoft server — the goal being to post a statement denying ShinyHunters was behind a wave of swatting attempts the FBI flagged in an alert last month. The member said that attempt failed.
The CyberSec Guru does a deeper dive into how the attack affected the University of Nottingham in the UK:
On Tuesday, June 9, 2026, IT staff at the University of Nottingham noticed something wrong with their Campus Solutions system. By the time they pulled it offline, a well-organised cybercrime gang had already walked out with over 40GB of data covering 454,600 current students and alumni – passports, payment details, phone numbers, ethnicities, disabilities, the works.
Read more at The CyberSec Guru.