Nissan confirms customer data exposure tied to Red Hat breach affecting 21,000 customers in Japan – teiss
Nissan Motor Co. Ltd. has confirmed that the personal information of thousands of its customers was compromised following a data breach at Red Hat, a U.S.-based enterprise software company, in September.
Nissan Motor Co. Ltd. has confirmed that the personal information of thousands of its customers was compromised following a data breach at Red Hat, a U.S.-based enterprise software company, in September.
The Japanese automaker said the incident affected customer data associated with Nissan Fukuoka Sales Co., Ltd., one of its regional sales companies in Japan. Approximately 21,000 customers who purchased vehicles or received services in Fukuoka had personal information exposed after unauthorized access to Red Hat’s data servers.
Nissan said it received notification from Red Hat, which it had commissioned to develop customer management systems for its sales operations. The company confirmed that the leaked data included full names, physical addresses, phone numbers, email addresses and customer information used in sales activities. Nissan stated that no financial information, including credit card details, was exposed.
The automaker said the compromised Red Hat environment did not store any additional Nissan data beyond what was identified and that there is no evidence at this time that the leaked information has been misused.
The Red Hat breach was disclosed publicly in early October and involved the theft of hundreds of gigabytes of sensitive data from tens of thousands of private GitLab repositories. The intrusion was initially claimed by a threat actor known as Crimson Collective, with additional pressure later applied after stolen data samples were hosted on an extortion platform operated by ShinyHunters.
Nissan said the breach did not impact other systems or operations beyond the confirmed customer data exposure at its Fukuoka sales unit.
The incident marks the second cybersecurity event involving Nissan Japan this year. In late August, a ransomware attack attributed to the Qilin group disrupted systems at Creative Box Inc., a Nissan design subsidiary. The company has also faced recent cyber incidents in other regions, including a breach last year affecting 53,000 employees in North America and a ransomware attack in Oceania that exposed data belonging to 100,000 customers.
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543
source
This is a newsfeed from leading technology publications. No additional editorial review has been performed before posting.
