Nissan: About 100,000 people in Australia, New Zealand affected by recent cyberattack

Jason Macuray
Japanese automaker Nissan said that the personal information of about 100,000 individuals in Australia and New Zealand was exposed during a cyberattack that the company reported in December.

Japanese automaker Nissan said that the personal information of about 100,000 individuals in Australia and New Zealand was exposed during a cyberattack that the company reported in December.

Nissan published new details of the investigation into the incident on Wednesday, stating that it has begun notifying the victims, which include customers, dealers and some current and former employees.

The total number of people might reduce “as contact details are validated and duplicated names are removed from the list,” the company said.

During the attack, the unknown threat actor gained unauthorized access to Nissan’s local IT servers. Since that time, Nissan said it has been working with government authorities in Australia and New Zealand, as well as external cyber experts to review the compromised data and understand the impact on affected individuals.

The type of compromised information will vary for each person, Nissan said. According to current estimates, up to 10% of individuals have had some form of government identification compromised. This includes approximately 4,000 Australian Medicare cards, 7,500 driver’s licenses, 220 passports and 1,300 tax file numbers.

The remaining 90% of victims have had some other form of personal information impacted, including copies of loan-related transaction statements for loan accounts, employment or salary information, or general information such as dates of birth.

For those affected by the breach, Nissan will offer free credit monitoring and reimbursement where the replacement of government ID is recommended by the relevant issuing authority.

“We know this will be difficult news for people to receive, and we sincerely apologize to our community for any concerns or distress it may cause,” Nissan said.

In January 2023, Nissan warned thousands of its customers of its finance division about the potential leak of personal information through a third-party vendor.

Data from car companies and car insurance providers is typically in high demand among cybercriminals, with multiple threat actors and groups leaking stolen data on the dark web.

Earlier in November, another Japanese carmaker, Toyota, also suffered a cyberattack that targeted its European and African financial services department.

In September, nearly 15,000 accounts were raided at several large automakers’ websites to harvest important information about thousands of individual vehicles.

IndustryCybercrimeNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 

Total
0
Shares
Previous Post

New DOD cyber policy office opening soon, sources say

Next Post

Lazarus Group hackers appear to return to Tornado Cash for money laundering

Related Posts

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective victims in energy and aerospace verticals and infect them with a previously undocumented backdoor dubbed MISTPEN. The activity cluster is being tracked by Google-owned Mandiant under the moniker UNC2970, which it said overlaps with a threat group known as TEMP.Hermit, which is
Siva Ramakrishnan
Read More

Master Certificate Management: Join This Webinar on Crypto Agility and Best Practices

In the fast-paced digital world, trust is everything—but what happens when that trust is disrupted? Certificate revocations, though rare, can send shockwaves through your operations, impacting security, customer confidence, and business continuity. Are you prepared to act swiftly when the unexpected happens? Join DigiCert’s exclusive webinar, "When Shift Happens: Are You Ready for Rapid
Avatar
Read More