Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa.

A possible ransomware attack has exposed government and personal data of Australians and New Zealanders, encompassing the carmaker's customers, dealers, and employees.

2 Min Read
Eastern Grey Kangaroo (Macropus giganteus) in the sunset, Mungo National Park, New South Wales, Australia
Source: imageBROKER.com GmbH & Co. KG

A possible ransomware attack at Nissan has exposed personal information belonging to around 100,000 people in Australia and New Zealand.

The Japanese vehicle manufacturer has a troubled history with cyberattacks, dating back well over a decade. It has variously suffered a source code leak, a proof-of-concept exploit affecting its electric vehicles (EVs), and a data breach affecting more than 1 million customers.

Most recently, on Dec. 5, hackers obtained access to IT systems at Nissan's Oceania-region corporate and finance offices. The incident was rapidly addressed, the company wrote in an update on March 13, but not before the perpetrators exfiltrated significant amounts of sensitive data.

Dealers, some current and former employees, and customers of Renault-Nissan-Mitsubishi Alliance vehicles (which includes those three brands, as well as Infiniti and others) can expect formal notices of compromise in the coming weeks. Up to 10% of them have had at least one form of government ID stolen — 4,000 Medicare cards, 7,500 driver’s licenses, 220 passports, and 1,300 tax file numbers — and the remaining majority have lost other forms of personal information, such as copies of loan-related transaction statements, employment and salary information, and more general information like dates of birth.

Was It Ransomware?

Nissan hasn't revealed the nature or perpetrators of its attack. It's notable, though, that late last December the Akira ransomware gang claimed to have stolen 100GB of data from the company's Oceania division.

Dark Reading has reached out to Nissan Oceania for clarification on this point but has not yet received a reply.

"What's really surprising to me about this one is that they don't have data-at-rest encryption technology running," says Darren Williams, CEO and founder of BlackFog. "That's a common thing to do these days — you really should have all that personal data encrypted on drives, so even if the bad guys do get in, they're only getting encrypted data that they can't decrypt."

Besides encryption, he suggests, companies can protect against potential extortion attacks with anti-data exfiltration (ADX) tooling, "because if you're not watching the data leaving your building, then you don't know what's being lost until it's too late."

"Ninety-two percent of all attacks actually involve data exfiltration," Williams emphasizes. "That's how big the problem is."

About the Author(s)

Nate Nelson, Contributing Writer

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights