Nissan Oceania, the regional division overseeing distribution, marketing, sales, and services in Australia and New Zealand, has confirmed a significant data breach impacting approximately 100,000 individuals.
The breach stems from a cyberattack that occurred in December 2023, which was claimed by the Akira ransomware group.
Here’s all you need to know about the attack.
Initial Attack and Akira's Claims
The incident stems from a disruptive ransomware attack in early December 2023 that crippled Nissan Oceania's systems. At the time, the company acknowledged an "IT incident" was under investigation but did not confirm a data theft.
However, the notorious Akira ransomware gang soon took credit, claiming it had exfiltrated a trove of 100GB of proprietary data, including employee records, confidentiality agreements, business documents, and customer information across Nissan's portfolio of automotive brands like Mitsubishi, Renault, Infiniti and others.
Breach Confirmation and Compromised Data
Weeks later, Nissan has now confirmed parts of Akira's alarming claims in its latest disclosure. The company revealed that personal data on both current and former employees was indeed stolen by the cybercriminals, in addition to customer records spanning Nissan, Mitsubishi, Renault, Skyline, Infiniti, LDV, and RAM dealerships across Australia and New Zealand.
Most distressingly, up to 10% of the impacted individuals had incredibly sensitive government documents compromised, including approximately 4,000 Medicare cards, 7,500 driver's licenses, 220 passports, and 1,300 tax file numbers.
For the remaining 90% caught up in the breach, other personal data was exposed such as loan documents, employment information, and dates of birth - still highly concerning from a privacy and security standpoint. The stolen data has already been maliciously published on the dark web by Akira's operators as part of their extortion tactics.
Nissan’s data published on Akira’s site. (source: bleepingcomputer.com)
Nissan's Response and Customer Support
In a statement uploaded on their site, Nissan has said that they are offering free access to IDCARE, free credit monitoring services through Equifax in Australia and Centrix in New Zealand, and reimbursement for the replacement of compromised government IDs.
The automaker has also advised customers to remain vigilant for suspicious activity on their accounts, report any concerns to the authorities, enable multi-factor authentication where possible, and update passwords regularly.
The data breach serves as a stark reminder of the persistent threat posed by ransomware groups and the need for robust cybersecurity measures to protect sensitive personal information.