UPDATE: Council of Europe named as a victim of the Oracle PeopleSoft (CVE-2026-35273) campaign

UPDATE (originally covered 2026-06-12/2026-06-13): ShinyHunters listed the Council of Europe — the 46-member Strasbourg human-rights body, of which Switzerland is a member — claiming 297 GB across ~429,000 files taken via the Oracle PeopleSoft Environment Management Hub zero-day CVE-2026-35273, and set a 16 June leak deadline (SecurityWeek, 2026-06-15). This is the first European intergovernmental institution named in the 100+-organisation PeopleSoft campaign previously covered as an education-sector wave.

The claimed dataset spans payroll for 10,000+ current and former staff (2011–2026), 14,000+ CVs, and HR records with names, dates of birth, addresses, bank-account, tax/social-security and medical data. The Council of Europe confirmed it "is currently investigating the matter and assessing the situation" and has not confirmed exfiltration (The Register, 2026-06-15; BleepingComputer, 2026-06-15). The vector — unauthenticated HTTP to the /PSEMHUB/hub servlet (T1190) — is unchanged; treat any externally-reachable PeopleSoft Environment Management Hub as compromised pending forensic review and block perimeter access to /PSEMHUB/*. Confidence on the victim claim is MEDIUM pending Council of Europe confirmation (extortion-site claim).