Nissan North America blames third-party provider for data breach

Share post:

Nissan North America has begun delivering data breach notifications indicating the disclosure of client data as a result of a breach at a third-party service provider.

Nissan said it launched an investigation after ensuring that the third-party provider had contained the threat. Nissan also stated that it worked with the provider to ensure that similar incidents do not occur in the future.

When Nissan learned of the security breach, it immediately secured the exposed database and launched an internal investigation. It confirmed on September 26, 2022, that an unauthorized person had most likely accessed the data.

Nissan notified the Office of the Maine Attorney General of the security breach on Monday, January 16, 2023, and revealed that 17,998 customers were affected.

The investigation into the breach was completed in September, and it was determined that the incident most likely resulted in unauthorized access or acquisition of data, including some personal information belonging to Nissan customers. The breach was caused by data embedded within the code during software testing being unintentionally and temporarily stored in a cloud-based public repository, which was another case of data exposure on an unsecured cloud instance.

Names, dates of birth, and account numbers may have been exposed in the breach. Credit card and Social Security numbers were not disclosed. While noting that there is no evidence of data misuse, Nissan is offering credit monitoring through Experian plc, a company that has its own issues with data breaches.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

Canadian School Boards Hit by Data Breach in PowerSchool Cyber Incident

A significant data breach involving PowerSchool, a widely used student information system, has affected multiple school boards across...

Chinese Hackers Compromised More U.S. Telecom Networks Than Previously Known

A new report from the Wall Street Journal reveals that a Chinese hacking campaign has compromised more U.S....

Cyber Security Today Year End Review: December 21, 2024

This is our year end show. We'll be back in early January, 2025. Merry Christmas and Happy Holidays. Join...

Millions Stolen in Crypto Wallets Linked to 2022 LastPass Hack: Cyber Security Today for Friday, December 20, 2024

Millions Stolen in Crypto Wallets Linked to 2022 LastPass Hack, TP-Link Routers Face Possible U.S. Ban Over National...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways