Nissan Motor Co., Ltd. has disclosed a significant data breach affecting approximately 21,000 customers of Nissan Fukuoka Sales Co., Ltd. following unauthorized access to a Red Hat-managed server used for developing the company’s dealership customer management system.
Red Hat, a software company contracted by Nissan to develop its customer management infrastructure, detected the unauthorized access on September 26, 2025.
The breach compromised personal information belonging to customers who had purchased vehicles or received service at the former Fukuoka Nissan Motor dealership.
Upon detection, Red Hat immediately removed unauthorized access and implemented measures to prevent future intrusions.
Nissan received formal notification of the incident on October 3, 2025, and promptly reported the breach to Japan’s Personal Information Protection Commission. The company has since begun directly contacting affected customers.
Limited Data Exposure
The leaked data included customer names, addresses, phone numbers, partial email addresses, and information used for sales activities.
Notably, credit card and other sensitive financial information were not compromised in the breach.
Nissan confirmed that Red Hat’s servers did not store any additional customer information beyond what was accessed, eliminating concerns about further data leakage.
As of the disclosure, there is no evidence that the compromised personal information has been used for secondary purposes or criminal activities.
However, Nissan warned customers to remain vigilant against suspicious communications, including phishing calls and fraudulent correspondence.
The incident underscores ongoing vulnerabilities in third-party supply chains and contractor-managed infrastructure.
Nissan acknowledged the breach represents a serious security failure and committed to strengthening monitoring of subcontractors and enhancing overall information security protocols.
This breach highlights critical risks associated with outsourcing sensitive customer data management to external vendors, a persistent challenge across the automotive industry.
Companies relying on third-party developers must implement rigorous security oversight to prevent similar incidents.
Nissan has apologized to affected customers for the inconvenience and concern caused by the unauthorized data access and continues cooperating with regulatory authorities on the investigation.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.