The wake of a serious cyberattack on Nissan Australia’s IT systems continues, with customer data released onto the dark web.
In a post published on the Nissan Australia website, the company announced it was aware data accessed during the cyberattack has now been published online.
“We are working urgently with our global incident response team and cyber forensic experts to understand what information was accessed and the types of information that was posted on the dark web,” Nissan wrote in the statement.
“Where we identify customer data has been accessed in a manner which gives rise to a risk of serious harm, we will contact you in accordance with our legal obligations, including to let you know what information was involved and what support is available to you.”
The post goes on to say Nissan has contacted the Australian Cyber Security Centre and other relevant authorities regarding the matter.
“We are deeply sorry for any concerns this has caused for those who have been impacted,” Nissan Australia wrote.
As reported by Drive in December 2023, Nissan’s dealership network has been left crippled by the attack, with technicians unable to access information required for recalls and servicing.
Due to the system shutdown, Nissan’s service centres were also unable to order genuine parts from the company’s central warehouse.
Australian employees have had to revert to using Nissan Europe’s email system, as their main local email inboxes could not be accessed.
While Nissan Australia has never confirmed whether this was a ‘ransomware attack’ – a type of operation in which cyber criminals hold IT systems and data for ransom – with the customer’s data now being released onto the dark web, it appears as if Nissan may have refused to comply with the hackers’ demands.
<button class="navigation_glide__arrow__je__h navigation_glide__arrow–left__y3DP1 navigation_glide__arrow–inactive__H6d8_" data-glide-dir="|Previous