Nissan confirms data breach, but says it isn't to blame

Data Breach
Image Credit: Shutterstock (Image credit: Shutterstock)

Automaker Nissan has confirmed suffered a data breach in June 2023 where sensitive, personally identifiable information on its customers was accessed by unauthorized third parties. 

The company has reported the incident to the Office of the Maine Attorney General, and began sending out breach notifications to affected customers. 

As per these reports, it did not exactly take responsibility for the incident, but rather said it was the result of a misconfigured database belonging to a third-party vendor. No malware seems to have been used. 

TechRadar Pro needs you! We want to build a better website for our readers, and we need your help! You can do your bit by filling out our survey and telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.

D. Athow, Managing Editor

Unintentional and temporary

In its statement, Nissan said that last year, it had given a software development company customer data, which was needed in the process of developing and testing software for the carmaker. The data was poorly stored and poorly protected, resulting in a third party gaining access and most likely, stealing the intel.

"During our investigation, on September 26, 2022, we determined that this incident likely resulted in the unauthorized access or acquisition of our data, including some personal information belonging to Nissan customers," the company noted.

"Specifically, the data embedded within the code during software testing was unintentionally and temporarily stored in a cloud-based public repository."

As per the incident report shared with the Office of the Maine Attorney General, a total of 17,998 customers were affected by the breach. These customers have had their full names, birth dates, and NMAC account numbers (Nissan finance account) accessed. Payment data, as well as Social Security numbers, were allegedly not accessed.

The data might have been accessed, Nissan says, but it’s yet to be used for any illegal activities. According to the company, there is no evidence of the ata being abused in the wild. Affected users have been given a free one-year membership for identity protection services through Experian.

Via: BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Security
American National Insurance Company breach data found online
How to prevent cyberattacks
NTT admits hackers accessed details of almost 18,000 corporate customers in cyberattack
An abstract image of padlocks overlaying a digital background.
Thousands of Bitcoin ATM users may have personal data leaked after breach
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Mizuno USA says hackers were able to breach networks, steal data for months
Volkswagen Lane Keep
Over 800,000 electric car owners and drivers may have had private info exposed online
Code Skull
Casio confirms data of 8,500 people exposed in recent ransomware attack
Latest in Security
An American flag flying outside the US Capitol building against a blue sky
Sean Plankey selected as CISA director by President Trump
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
Nation-state threats are targeting UK AI research
Scam alert
Fake jobs and phone calls: How Americans lost $12.5 bn to fraud in 2024
Application Security Testing Concept with Digital Magnifying Glass Scanning Applications to Detect Vulnerabilities - AST - Process of Making Apps Resistant to Security Threats - 3D Illustration
Google bug bounty payments hit nearly $12 million in 2024
Scam alert
A new SMS energy scam is using Elon Musk’s face to steal your money
Representational image of a cybercriminal
Allstate sued for exposing personal customer information in plaintext
Latest in News
Mufasa is joined by another lion, a monkey and a bird in this promotional image
Mufasa: The Lion King prowls onto Disney+ as it finally gets a streaming release date
An American flag flying outside the US Capitol building against a blue sky
Sean Plankey selected as CISA director by President Trump
An Nvidia GeForce RTX 4060 on a table with its retail packaging
Nvidia RTX 5060 GPU spotted in Acer gaming PC, suggesting rumors of imminent launch are correct – and that it’ll run with only 8GB of video RAM
Indiana Jones talking to a friend in a university setting with a jaunty smile on his face
New leak claims Indiana Jones and the Great Circle PS5 release will come in April
A close up of the limited edition vinyl turntable wrist watch from AndoAndoAndo
This limited-edition timepiece turns the iconic Technics SL-1200 turntable into a watch, and I want one
A close up of Gemma sitting down in Severance season 2 episode 7
'I'm like Gemma – I'm in the dark': Severance season 3 gets disappointing filming update from Apple TV+ star Dichen Lachman