Nissan Motor Corporation and Nissan Financial Services in Australia and New Zealand on Thursday started reaching out to those victims of a ransomware attack against the company last December.

On December 5, the Akira ransomware group obtained unauthorized access to local Nissan IT servers, the company said, adding it took immediate action to contain the breach, and promptly alerted the relevant government authorities, including the Australian and New Zealand national cybersecurity centers and privacy regulators.

Since that time, the company said it has been working urgently with government authorities and external cyber forensic experts to review the compromised data and understand the impact on individuals.

“We now know the list of affected individuals includes some of Nissan’s customers (including customers of our Mitsubishi, Renault, Skyline, Infiniti, LDV and RAM branded finance businesses), dealers, and some current and former employees,” the company said. “Nissan expects to formally notify approximately 100,000 individuals about the cyber breach over the coming weeks.”

Schneider Bold

Nissan said it estimates up to 10 percent of individuals have had some form of government identification compromised. The data set includes 4,000 Medicare cards, 7,500 driver’s licenses, 220 passports and 1,300 tax file numbers.

The remaining 90 percent of individuals notified have had some other form of personal information impacted; including copies of loan-related transaction statements for loan accounts, employment or salary information or general information such as dates of birth, the company said.

Nissan put in place a number of services to support individuals who have had personal information compromised.

“Nissan is one of the most recognizable car manufacturers in the world, and it being hit by a ransomware attack is unfortunate, but not that surprising,” said Corin Imai, senior security advisor at DomainTools. “Huge name-brands are increasingly flooding the news as victims of cyberattacks and data breaches as ransomware gangs take advantage. Akira claimed to have stolen 100GB of Nissan data.”

“It would be interesting to learn how the Akira ransomware group gained unauthorized access and what steps Nissan is taking to prevent it from happening again, at least using the same attack method,” said Roger Grimes, data-driven defense evangelist at KnowBe4. “Akira is fairly well-known for attacking using unpatched public-facing software. Was this the case in this instance? And if so, what steps is Nissan taking to prevent unpatched software from being exploited in the future?

“I’m always disappointed when a compromised entity doesn’t know how they (ended up) successfully exploited…the root hacking cause. Far too many data breach announcements never let us know how the exploit happened and what steps the company is taking to address it. I get that the company is dealing with the outcome of a data breach and legally it’s probably better not to give out more information than necessary. But as a customer of many other companies involved in data breaches, I want to know how something happened and the next steps to make sure it doesn’t happen again.”

ISSSource

Pin It on Pinterest

Share This