Nissan Motor Co. has confirmed that the personal information of around 21,000 customers was exposed following a cybersecurity breach at Red Hat, the U.S.-based software provider contracted to support systems used by Nissan dealerships.<\/p>\n
The Japanese automaker said it was indirectly affected by the incident, which involved unauthorized access to Red Hat\u2019s data servers in late September. According to Nissan, the breached systems were used to develop customer management tools for its sales companies.<\/p>\n
In a statement, Nissan said Red Hat informed that the illegal access to its servers resulted in the leak of customer information belonging to Nissan Fukuoka Sales Co., Ltd., a dealership group operating in Japan\u2019s Fukuoka region.<\/p>\n
The compromised information includes customers\u2019 full names, physical home addresses, phone numbers, email addresses, and other data used in sales operations. Nissan stressed that no financial information, such as credit card or payment details, was exposed.<\/p>\n
The affected customers include individuals who purchased vehicles or received servicing at the former Fukuoka Nissan Motor Co., Ltd., which has since been rebranded as Nissan Fukuoka Sales Co., Ltd.<\/p>\n
Breach Detected In Late September<\/strong><\/p>\n Red Hat detected the unauthorized access on September 26 and said it immediately eliminated the intrusion and implemented measures to prevent further access. However, Nissan was not notified of the incident until October 3.<\/p>\n Upon receiving the report, Nissan said it informed Japan\u2019s Personal Information Protection Commission the same day and began contacting customers whose information may have been affected.<\/p>\n Nissan said it is also advising them to remain cautious about suspicious phone calls, emails, or mail that could attempt to exploit the leaked information.<\/p>\n \u201cAt this time, there has been no confirmation that the leaked information has been used for secondary purposes. However, we ask that you be extremely cautious of any suspicious phone calls or mail you receive,\u201d the company said.<\/p>\n Nissan also noted, \u201cThe servers used by Red Hat do not store any customer information other than the data that was leaked this time, so there is no risk of further data leaks.\u201d<\/p>\n Hack Linked To Larger Red Hat Data Theft<\/strong><\/p>\n The Red Hat breach is part of a broader cyber incident that became public in early October, after hackers claimed to have stolen hundreds of gigabytes of sensitive data from tens of thousands of private GitLab repositories.<\/p>\n The attack was initially claimed by a group known as the Crimson Collective, with the ShinyHunters hacking group later sharing samples of the stolen data to increase pressure on Red Hat.<\/p>\n While Nissan said there is no evidence its customer data has been abused and apologized for the incident, adding that it will strengthen security oversight of its contractors.<\/p>\n A Pattern Of Cyber Incidents<\/strong><\/p>\n This is the second cybersecurity incident involving Nissan in Japan this year. In August, the company\u2019s design subsidiary, Creative Box Inc., was hit by a Qilin ransomware attack. In previous years, Nissan operations in North America and Oceania have also suffered data breaches affecting employees and customers.<\/p>\n Nissan offices in Japan, Europe, and the Americas had not provided additional comment at the time of publication.<\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" Nissan Motor Co. has confirmed that the personal information of around 21,000 customers was exposed following a cybersecurity breach at Red Hat, the U.S.-based software provider contracted to support systems used by Nissan dealerships. The Japanese automaker said it was indirectly affected by the incident, which involved unauthorized access to Red Hat\u2019s data servers in […]<\/p>\n","protected":false},"author":20,"featured_media":128203,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[48520,3141,7],"tags":[62613,64785,531,4878,912,6837,1850,1425,6631,63144,64684],"class_list":{"0":"post-128200","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-security","8":"category-news","9":"category-security-news","10":"tag-automotive","11":"tag-crimson-collective","12":"tag-data-breach-2","13":"tag-data-leak","14":"tag-github","15":"tag-japan","16":"tag-nissan","17":"tag-red-hat","18":"tag-server","19":"tag-shinyhunters","20":"tag-third-party-data-breach"},"yoast_head":"\n