Now on Demand: Threat Detection and Incident Response (TDIR) Summit - All Sessions Available
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Nissan Data Breach Impacts 53,000 Employees

Nissan North America determined recently that a ransomware attack launched last year resulted in employee personal information compromise.

Nissan ransomware data breach

Nissan North America informed the Maine Attorney General this week that a ransomware attack launched last year resulted in the personal information of employees getting compromised.

According to the company, it learned in early November 2023 that a threat actor had gained access to its systems through an external VPN. The attacker did not encrypt data or disrupt any systems, but it did steal files from local and network shares and demanded a ransom.

An initial investigation showed that the files potentially accessed by the hackers only contained business information. However, in late February 2024, Nissan determined that the compromised files did include personal information, mainly related to current and former employees, including names and social security numbers.

The company says it’s not aware of any instances of fraud or identity theft resulting from the incident, but it has decided to provide free protection services to impacted employees.

The carmaker told the Maine Attorney General’s Office that just over 53,000 individuals are impacted by the data breach.

Nissan North America previously disclosed a data breach in January 2023, when it informed roughly 25,000 customers that their personal information was exposed in a data breach at a third-party services provider.

At around the time of the latest cyberattack targeting Nissan North America, Nissan Oceania was also hit by ransomware. The Akira ransomware group took credit for that attack, claiming to have stolen 100 Gb of information. 

The incident, which impacted Nissan Motor Corporation and Nissan Financial Services in Australia and New Zealand, was initially said to affect roughly 100,000 individuals.

Advertisement. Scroll to continue reading.

No ransomware group appears to have taken credit for the newly disclosed Nissan North America attack and it’s unclear if the two incidents are related. 

Commenting on the incident, Venky Raju, field CTO at ColorTokens, noted that there is a growing trend of these types of ‘smash and grab’ attacks, “where hackers are getting in, grabbing whatever they can find, and getting out”. 

“The data is sifted and then sold on the dark web or it is being used by the same actors as part of their reconnaissance,” Raju explained. 

“Smash and grab attacks rely on speed and ease of lateral movement within the network, as the adversary wants to find useful data quickly to avoid detection.  Implementing microsegmentation prevents, or will significantly slow down, the ability of the adversary to achieve their objectives, providing the security team with valuable time to detect and respond,” the expert added.

Related: Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive

Related: Nissan Canada Informs 1.1 Million Customers of Data Breach

Related: Biden Administration Will Investigate National Security Risks Posed by Chinese-Made ‘Smart Cars’

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

Intelligent document processing company ABBYY has hired Clayton C. Peddy as CISO.

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

More People On The Move

Expert Insights