Thousands of Nissan North America workers hit in data breach

representational image of a cloud firewall
Image Credit: Pixabay (Image credit: Pixabay)

Sensitive personal data, including Social Security Numbers (SSN), on thousands of Nissan North America (NNA) employees, has been stolen, the company has confirmed.

Nissan is only now reporting on the attack as it only recently concluded its investigation and discovered the data theft.

In early November 2023, a threat actor targeted NNA’s external VPN, and shut down parts of its IT infrastructure. After that, they demanded a ransom payment in exchange for releasing the infrastructure. NNA notified law enforcement, brought in third-party security experts, and quickly expelled the attackers.

Baphomet arrested

At the time, there was no talk of stolen data, but after a more thorough investigation, which concluded on February 28, things changed. NNA "identified certain personal information in the data primarily relating to current and former NNA [Nissan] employees including Social Security numbers."

A data breach notification filed on May 15 with the Office of the Maine Attorney General, NNA said that some 53,000 people were affected by the breach. Besides SSN, exposed data include personal identifiers (names). The company said that the stolen files did not contain any financial or payment details. 

At press time, there was no evidence of the files being misused in any way. 

The company notified affected individuals via a letter which, among other things, includes instructions on how to sign up for a two-year credit and identity theft monitoring services, offered for free via Experian. 

This is not Nissan’s first rodeo. Late last year, Nissan Oceania, which covers the markets of Australia and New Zealand, confirmed suffering a data breach which resulted in the theft of sensitive customer data on more than 100,000 people. Customers included owners of Mitsubishi, Renault, Skyline, Infiniti, LDV, and RAM brands, the company noted at the time. 

It was later discovered that the Akira ransomware was used in the attack.

Via BleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.