A regional disclosure tied to Oracle PeopleSoft shows how one application-layer incident can turn HR records into a cross-border security problem.