Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Thousands of Nissan customers have had their data stolen in cyberattack

Red padlock open on electric circuits network dark red background.

The cyberattack on Nissan Motor Corporation and Nissan Financial Services in Australia and New Zealand, which happened in December 2023 resulted in the theft of sensitive data belonging to roughly 100,000 people, the company has confirmed.

In an update posted on its website Nissan said it had started notifying affected individuals, with data stolen from customers, current and former employees, as well as some dealers. 

Customers include owners of Mitsubishi, Renault, Skyline, Infiniti, LDV, and RAM brands, the company noted.

No news on the attackers

Not all people have had the same types of information stolen. At the moment, Nissan believes that roughly 10% of the victims have had “some form of government identification” compromised. That includes 4,000 Medicare cards, 7,500 driver’s licenses, 220 passports, and 1,300 tax file numbers. 

For the remaining 90%, other personal information was obtained, including copies of loan-related transaction statements for loan accounts, employment or salary information or general information such as dates of birth.

“We know this will be difficult news for people to receive, and we sincerely apologize to our community for any concerns or distress it may cause,” Nissan said.

In early December last year, Japanese car manufacturing giant said it was investigating a possible data breach, and warned customers to be wary of potential scam emails and messages delivering malware. In a brief notification published on the Nissan Oceania websites at the time, it was said that the Australian and New Zealand Corporation and Financial Services suffered a “cyber incident”. 

This division handles distribution, marketing, sales, and services, in the above mentioned countries.

The company did not discuss the type of the attack, or the identity of the threat actors behind it. Given that the company’s systems operated normally throughout the incident, it would seem that this was not a ransomware attack.

Nissan is said to be working with relevant authorities, and will be offering affected people identity theft and credit monitoring and protection through IDCARE, Equifax, and Centrix.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.