Nissan Oceania has confirmed that the data breach it suffered in December 2023 affected around 100,000 individuals and has begun notifying them.
In early December 2023, the company – a regional Nissan division which includes Nissan Motor Corporation and Nissan Financial Services in Australia and New Zealand – revealed that an unauthorized third party accessed its local IT servers and caused downtime.
“We took immediate action to contain the breach, and promptly alerted the relevant government authorities, including the Australian and New Zealand national cyber security centres and privacy regulators,” the company noted.
At the time, they couldn’t confirm the extent nor the type of incident, but a few weeks later, the Akira ransomware group claimed responsibility for the attack and leaked data supposedly stolen from the company.
On Wednesday, the company confirmed that the breach affected some current and former employees, dealers and customers, including Mitsubishi, Renault, Skyline, Infiniti, LDV and RAM branded finance businesses.
“Nissan expects to formally notify approximately 100,000 individuals about the cyber breach over the coming weeks. This number might reduce as contact details are validated and duplicated names are removed from the list,” the company said.
