100,000 Australians and New Zealanders had their data stolen in Nissan cyberattack
Hackers have once again hit their target, this time targeting Australians and New Zealanders. The latest victim: Nissan Oceania, the regional division of the global auto giant Nissan. The auto giant reported on Wednesday that the personal information of nearly 100,000 customers in Australia and New Zealand was compromised in a cyberattack.
This breach, believed to be orchestrated by ransomware perpetrators, struck the automotive giant’s regional division in December 2023, sending shockwaves through its network.
Nissan Motor Corporation and Nissan Financial Services in Australia and New Zealand said it has started contacting the affected individuals over the subsequent weeks. With up to ten percent of victims falling prey to the theft of government identification, and the remainder suffering the loss of various forms of personally identifiable information (PII), the ramifications of this breach are profound.
“The Nissan Motor Corporation and Nissan Financial Services in Australia and New Zealand (“Nissan Oceania”) has today begun contacting individuals in relation to a cyber incident that has affected its local businesses. On 5 December 2023, a malicious third party obtained unauthorised access to our local IT servers. We took immediate action to contain the breach, and promptly alerted the relevant government authorities, including the Australian and New Zealand national cyber security centres and privacy regulators,” Nissan said in a statement posted on its website.
As part of its effort to mitigate the fallout and reassure the affected parties, Nissan has committed to providing 12 months of complimentary credit monitoring services to those impacted by this breach. However, the scope of the breach extends beyond customers alone, encompassing current and former employees, dealers, and affiliates of Nissan and its associated brands, including Mitsubishi, Renault, Infiniti, LDV, and RAM.
In a public statement issued on its website, Nissan expressed deep regret for the distress caused by this breach, acknowledging the severity of the situation and pledging to prioritize transparency and support for those affected. With reports indicating that up to 10% of individuals may have had sensitive documents such as Medicare cards, driver’s licenses, passports, or tax file numbers pilfered, the urgency of the response cannot be overstated.
“We know this will be difficult news for people to receive, and we sincerely apologize to our community for any concerns or distress it may cause. We are committed to contacting affected individuals as soon as possible to tell them what information was involved, how we are supporting them, and the steps they can take to protect themselves against the risk of harm, identity theft, scams, or fraud,” the automotive giant added.
As Nissan Oceania endeavors to navigate the fallout from this breach, it serves as a stark reminder of the escalating threat landscape facing the automotive industry. As vehicles become increasingly interconnected and reliant on cutting-edge technology, they inadvertently become more susceptible to malicious cyber intrusions. Thus, vigilance and proactive measures are paramount in safeguarding against future attacks.
For customers and stakeholders of Nissan and its affiliated brands, heeding communications from Nissan Oceania regarding remedial actions and precautionary measures is imperative in mitigating the risks of identity theft, scams, or fraud. This incident underscores the imperative for the automotive sector to fortify its cybersecurity defenses and remain steadfast in the face of evolving digital threats.