Thursday, June 13, 2024
HomeCyber SecurityNissan reveals ransomware assault uncovered 53,000 staff' social safety numbers

Nissan reveals ransomware assault uncovered 53,000 staff’ social safety numbers

Nissan North America has revealed that extortionists who demanded a ransom after breaking into its exterior VPN and disrupted methods final yr additionally stole the social safety numbers of over 53,000 workers.

The safety breach occurred on November 7, 2023. Upon preliminary investigation, Nissan and exterior consultants introduced in by the agency discovered that though cybercriminals had accessed its methods with out authorisation, the one information entry had been largely business-related. This was communicated to staff in a Nissan City Corridor assembly on December 5, 2023.

Sadly, Nissan now finds itself within the embarrassing place of getting to warn staff that delicate private data was accessed by the hackers – together with the names and social safety numbers of over 53,000 present and former staff.

The automotive firm warned workers in a knowledge breach notification letter of the potential for fraud or id theft on account of the breach, however has not seen any proof that this has occurred thus far.

Nissan has confirmed the accessed information doesn’t embody monetary data associated to the person staff. The corporate has supplied free 24-month credit score monitoring and id theft safety by way of Experian for affected staff.

It is not the primary time that Nissan has suffered by the hands of hackers.

As an illustration, in December 2023, Nissan Australia and New Zealand suffered an assault by the Akira ransomware gang which uncovered particulars belonging to 100,000 of the corporate’s prospects, sellers, and present and former workers.

Nissan estimated that round 10% of people affected had had some type of authorities identification compromised – together with tax file numbers, driving licenses and passports.

In January final yr, Nissan North America found a “severely mismanaged” server had leaked the proprietary supply code of its cellular apps and advertising and marketing instruments.  It later emerged that the server was “protected” by the username/password mixture of admin:admin.

In the identical month, 17,998 Nissan North America prospects had been affected by a breach at a third-party service supplier.

And again in 2016, Nissan shut down its world web sites after discovering itself on the sharp finish of a distributed denial-of-service (DDoS) assault linked to an Nameless protest about dolphin culling in Japan.



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments