"Nissan Data Breach Affects 100,000 Individuals"

Nissan Oceania recently announced that roughly 100,000 individuals were affected by a data breach resulting from a ransomware attack conducted by a known cybercrime group in late 2023.  Nissan said it detected an intrusion on December 5, 2023, and informed customers about a disruptive cyber incident the same day.  The attack impacted Nissan Motor Corporation and Nissan Financial Services in Australia and New Zealand.  A few weeks later, the Akira ransomware group took credit for the attack, claiming to have stolen 100 GB of information from the company, including corporate files and personal information.   Nissan noted that following an investigation conducted with the aid of government authorities and external cybersecurity experts, it was determined that the data breach impacted some Nissan customers, dealers, and current and former employees.  The customers of Mitsubishi, Renault, Skyline, Infiniti, LDV, and RAM branded finance businesses are also affected.  The company noted that the type of information involved will be different for each person.  Current estimates are that up to 10% of individuals have had some form of government identification compromised.  The data set includes approximately 4,000 Medicare cards, 7,500 driver’s licenses, 220 passports, and 1,300 tax file numbers.  The remaining 90% of individuals being notified have had some other form of personal information impacted, including copies of loan-related transaction statements for loan accounts, employment or salary information, or general information such as dates of birth.

SecurityWeek reports: "Nissan Data Breach Affects 100,000 Individuals"