Nissan Motor Corporation and its financial services in Australia and New Zealand, collectively known as Nissan Oceania, have been the victims of a malicious cyberattack, compromising the personal information of over 10,000 individuals.
This incident, which came to light on December 5, 2023, has raised serious concerns about data security and the protection of personal information.
Nissan Oceania disclosed that an unauthorized third party accessed its local IT servers, prompting an immediate response to contain the breach.
Since then, the company has been working closely with government authorities, including the Australian and New Zealand national cyber security centers and privacy regulators, to assess the damage and implement measures to mitigate the impact on affected individuals.
The compromised data includes a wide range of personal information, affecting Nissan customers and its associated brands, dealers, and even some current and former employees.
The breach has potentially exposed sensitive information, including government identification numbers, Medicare cards, driver’s licenses, passports, and tax file numbers.
Impact on Individuals
The breach’s impact is far-reaching. Nissan estimates that around 100,000 individuals will be notified of it.
However, this number will decrease as the company validates contact details and removes duplicates.
For about 10% of these individuals, the breach has compromised forms of government identification, posing a significant risk of identity theft and fraud.
The remaining 90% have had other personal information impacted, including loan-related transaction statements, employment or salary details, and general information like dates of birth.
Nissan has apologized to the community for any distress this incident may cause and is committed to supporting affected individuals.
The Falconfeeds tweeted that the notorious Akira ransomware group has recently targeted Nissan Motor Australia, adding them to their list of victims.
Support and Guidance for Affected Individuals
In response to the breach, Nissan has rolled out several support services to help those impacted.
These include:
- IDCARE Partnership: Nissan has partnered with IDCARE, a leading identity and cyber support service in Australia and New Zealand, to offer expert case management and support at no cost to the affected individuals.
- Credit Monitoring Services: Free access to Equifax credit monitoring services in Australia and Centrix in New Zealand is being provided to watch for any fraudulent activity on affected individuals’ accounts.
- ID Replacement Reimbursement: Nissan will reimburse the cost of replacing compromised primary identity documents.
- Dedicated Customer Support Line: A dedicated line has been established for those who have received breach notification. It is available weekdays from 7 a.m. to 7 p.m. AEDT.
Nissan urges everyone to remain vigilant against identity theft, scams, or fraud.
This includes being cautious of unusual online activity, suspicious emails or attachments, and unsolicited communications asking for personal information.
The company also recommends regularly updating passwords, enabling multi-factor authentication, and reporting scam activities to the appropriate authorities.
As the situation unfolds, Nissan’s commitment to addressing the breach and supporting its community is clear.
However, this incident is a stark reminder of the ever-present risks in the digital world and the importance of robust cybersecurity measures.
With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.