Malware
Nissan Reveals Devastating Ransomware Attack: Personal Data of 100,000 Individuals Exposed
Nissan has confirmed that a ransomware attack has exposed the personal data of 100,000 customers. The attack targeted the carmaker’s UK operations and is thought to have occurred in January 2021. Nissan is working with authorities to investigate the incident and has notified affected individuals.
Picture this: you’re driving along in your car, feeling secure and comfortable, when suddenly you receive a notification that your personal information has been compromised in a data breach. That’s what happened to 100,000 people when Nissan Oceania experienced a cyberattack in December 2023, which was later claimed by the Akira ransomware operation.
What happened during the cyberattack?
In early December, Nissan’s regional division, which oversees distribution, marketing, sales, and services in Australia and New Zealand, announced that they were investigating a cyberattack on their systems. At that time, a data breach had not been confirmed, but Nissan advised customers to remain vigilant and watch out for potential scam attempts.
Fast forward two weeks, and the Akira ransomware gang took responsibility for the attack, claiming they had stolen 100GB of data. This included personal employee information, NDAs, project data, and information on partners and clients.
Nissan confirms data breach
Now, Nissan has confirmed some of Akira’s claims, admitting that hackers stole data on current and former employees, as well as customers of Nissan, Mitsubishi, Renault, Skyline, Infiniti, LDV, and RAM dealerships in the region. According to Nissan’s updated statement, they expect to notify approximately 100,000 individuals about the cyber breach over the coming weeks.
It’s important to note that up to 10% of these individuals had government identification compromised, such as Medicare cards, driver’s licenses, passports, and tax file numbers. The remaining 90% had other personal information impacted, like loan-related documents, employment details, and dates of birth.
The aftermath: what’s being done?
Nissan has promised to notify impacted customers individually to inform them exactly what information was exposed, what they can do, and what forms of support are available. Unfortunately, Akira has already leaked the stolen data on the dark web, posing a significant threat to those affected.
To help those impacted, Nissan is providing free access to IDCARE, free credit monitoring services through Equifax in Australia and Centrix in New Zealand, and reimbursement for the replacement of compromised government IDs. They also advise customers to remain vigilant for suspicious activity on their accounts, report it to the authorities, enable multi-factor authentication where possible, and update passwords regularly.
Don’t let this happen to you
Cybersecurity is more important than ever in our increasingly connected world. We at IT Services understand this and are dedicated to helping you protect your personal and business information. Don’t wait until it’s too late – reach out to us today and let our team of experts help you secure your digital life. And be sure to keep coming back to learn more about the ever-evolving world of cybersecurity.