Nissan Oceania has warned of a data breach that affected 100,000 people following a cyber attack by Operation Akira ransomware in December 2023.
In early December, the Japanese automaker’s regional division responsible for distribution, marketing, sales and service in Australia and New Zealand announced it was investigating a cyberattack on its systems.
Although no data breach had been confirmed at the time, Nissan suggested customers be vigilant across their accounts and be aware of potential fraudulent activity.
Two weeks later, the Akira ransomware group claimed responsibility for the attack, claiming to have stolen 100GB of data, including documents containing employee personal information, NDAs, project data, and partner and customer information.
Nissan’s latest update confirms some of Akira’s claims, saying hackers have compromised some current and former employees and customers of Nissan, Mitsubishi, Renault, Skyline, Infiniti, LDV and RAM dealerships in the area. He admitted to stealing the data.
Nissan’s latest statement reads: “Nissan plans to formally notify approximately 100,000 people about the cyber breach in the coming weeks.”
“This number is likely to decrease as contact details are verified and duplicate names are removed from the list.”
Up to 10% of these individuals had their government identification documents compromised, such as Medicare cards, driver’s licenses, passports, and tax return numbers.
“The type of information involved varies from person to person; current estimates indicate that up to 10% of individuals have had their government identification compromised in some way,” Nissan’s statement continues.
“The dataset includes approximately 4,000 Medicare cards, 7,500 driver’s licenses, 220 passports, and 1,300 tax file numbers.”
The remaining 90% had other personal information affected, such as loan documents, employment details, and date of birth.
Nissan has promised to individually notify affected customers and tell them exactly what information was exposed, what they can do, and what support is available.
Unfortunately, Akira has already leaked the stolen data through a blackmail page on the dark web.
To support affected customers, Nissan is providing free access to IDCARE, free credit monitoring services through Equifax in Australia and Centrix in New Zealand, and compensation for replacement of compromised government IDs.
The automaker advises customers to remain alert to suspicious activity on their accounts and report it to authorities, enable multi-factor authentication where possible, and update passwords regularly. There is.
