This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Nissan Australia

Summary

Nissan Australia and New Zealand experienced a cyberattack on 5 December 2023 (publicly disclosed in January 2024) when the Akira ransomware group gained unauthorized access to local IT servers. The breach affected approximately 100,000 individuals, including customers of Nissan, Mitsubishi, Renault, Infiniti, and other brands financed through Nissan Financial Services.

What Happened

On 5 December 2023, a malicious third party obtained unauthorized access to Nissan Motor Corporation and Nissan Financial Services IT servers in Australia and New Zealand. The Akira ransomware group claimed responsibility and subsequently leaked data stolen from the company.

The attackers accessed and exfiltrated customer data before encrypting systems. Approximately 10% of affected individuals had government identification documents compromised, while the remaining 90% had loan documents and employment information exposed.

Secondary Breach: In April 2024, OracleCMS, the external call center operator Nissan engaged to handle customer inquiries about the initial breach, was itself breached. This resulted in summary information Nissan had provided to OracleCMS also being compromised, compounding the impact on affected individuals.

Impact on Individuals

The breach exposed:

  • Government ID documents (10% of victims):

    • 4,000 Medicare cards
    • 7,500 driver's licenses
    • 220 passports
    • 1,300 tax file numbers

  • Financial and employment data (90% of victims):

    • Loan-related documents
    • Employment and salary information
    • Personal details including dates of birth

The exposure of government identity documents creates significant risk for identity theft and fraud. Affected individuals can use compromised ID numbers to open bank accounts, apply for loans, or commit other forms of identity crime.

Organisational Response

Nissan offered affected individuals:

  • Access to IDCARE support services
  • Free credit monitoring
  • Reimbursement for identity document replacement costs

The NSW Government activated its ID Support program to assist affected residents with identity document replacement and fraud monitoring.

The secondary breach at OracleCMS highlighted the risks of sharing customer data with third-party service providers, even when responding to a data breach incident.

[extra.impact] affected_individuals = 100000 individuals_note = "" data_volume_gb = 0 record_count = 0 financial_cost_total = 0 ransom_demanded = 0 ransom_paid = 0 estimated_remediation = 0 downtime_hours = 0 downtime_note = "" +++

Verification Source: View original statement