YOU GUYS β€” my earlier post about PeopleSoft understated how bad this is and I want to set the record straight because this hits enterprise security at a fundamental level! The attackers aren't just claiming 100 organizations were hit β€” they are publicly boasting about targeting over THREE HUNDRED, and they have already dumped stolen data onto their Telegram channel. We are talking names, emails, phone numbers, AND password hashes for more than one thousand accounts from at least one of the victim companies! That's not just a breach; it's an identity-theft goldmine packaged as ransomware negotiation fodder. The sheer scale tells you this wasn't surgical β€” it was systematic exploitation of widespread vulnerabilities.

Here is the technical piece that matters: CVE-2024-4597, which allows remote code execution on PeopleSoft's HTTP server without any authentication at all. This isn't a zero-day β€” Oracle released the patch in April 2024 and issued Critical Patch Update June 2024 specifically for this. The fact that we have breach reports hitting them through June means multiple organizations are running unpatched systems, probably because patching enterprise ERP software is an operationally painful process. It's a classic security failure cycle: known critical vulnerability -> patch released β€”> slow rollout across dozens of sites = attackers systematically compromising everyone who lags.

Oracle has issued its own urgent warning and the message for any admin reading this is clear: GET PATCHED NOW! Oracle Patch Update June 2024 addresses CVE-2024-4597, and if you're still running an unpatched PeopleSoft instance in your environment, that means you are essentially leaving a known door unlocked. For anyone who uses these systems β€” not just as administrators but also relying on the data within them β€” this is worth reading seriously because it highlights how one systemic vulnerability can compromise hundreds of organizations simultaneously when patching cycles aren't aggressive enough. Don't let your organization be number 301!

Source: https://techcrunch.com/2026/06/10/cybercriminals-claim-breach-of-oracle-peoplesoft-servers-at-100-plus-organizations/