ctipilot.ch

Home · Live brief · Weekly 2026-W24

Education — ShinyHunters' PeopleSoft campaign lands disproportionately on universities

notable synthesis discovered 2026-06-14 23:57 UTC

Entities: ShinyHunters

Part of run 2026-W24-bd5a7519 (weekly · Claude Opus 4.8)

The week's clearest sectoral concentration. Mandiant/GTIG's attribution of the Oracle PeopleSoft zero-day campaign (§ 1) explicitly noted that the education sector was hit hardest, with the University of Nottingham confirming ~455,000 affected records (Google GTIG; daily 06-13). It rhymes with the earlier Oxford University CareerConnect breach, where third-party provider Group GTI's compromise exposed students across multiple UK universities (Oxford; daily 06-09). European higher-education ICT teams running PeopleSoft or relying on shared careers/HR SaaS should treat both as direct warnings.

data-breach supply-chain uk europe