Connect with us

Hi, what are you looking for?



Nissan Canada Informs 1.1 Million Customers of Data Breach

Nissan Canada revealed on Thursday that the personal information of some customers may have been compromised as a result of a data breach discovered by the company on December 11.

Nissan Canada revealed on Thursday that the personal information of some customers may have been compromised as a result of a data breach discovered by the company on December 11.

The incident affects individuals who have financed their vehicles through Nissan Canada Finance (NCF) and INFINITI Financial Services Canada. The exact number of impacted customers has yet to be determined, but Nissan is notifying all 1.13 million current and past customers.

While the company believes not all customers are affected, it has decided to offer all of them free credit monitoring services through TransUnion for a period of 12 months. NCF is in the process of sending out emails and letters to individuals whose information may have been compromised.

The attacker could have stolen names, addresses, vehicle details, vehicle identification numbers (VINs), credit scores, loan amounts, and information on monthly payments. Nissan Canada says the incident does not appear to involve payment card information.

There is no indication that Nissan or Infiniti customers in Canada who did not obtain financing through NCF or customers outside of Canada are impacted.

The company is working with law enforcement and data security experts to investigate the incident and has not made any comments on who might be behind the attack. Canadian privacy regulators have also been informed of the breach.

This is not the first time Nissan has been targeted by hackers. Back in 2012, the company reported finding malware on its global information systems network. Last year, the company was forced to shut down its global websites due to a cyberattack apparently motivated by anger over Japan’s controversial whale and dolphin hunts.

Advertisement. Scroll to continue reading.

Related: Uber Hacked – Information of 57 Million Users Accessed in Covered-Up Breach

Related: API Flaw Exposes Nissan LEAF Cars to Remote Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...