Nissan suffered a data breach last November in a ransomware attack that exposed the Social Security numbers of thousands of current and former employees, the Japanese automaker announced Wednesday.
Nissan’s U.S. subsidiary, Nissan North America, detailed the cyberattack in a May 15 letter to those affected. In the letter, Nissan North America said a bad actor attacked the company’s virtual private network and demanded payment. Nissan did not say whether it paid the ransom.
“Upon learning of the attack, Nissan immediately notified law enforcement and began taking immediate action to investigate, contain and terminate the threat,” the automaker said in the letter, adding that “Nissan worked very closely with external cybersecurity professionals.” experienced in handling these types of complex security incidents.
Nissan North America also informed US authorities of the attack, noting that data belonging to more than 53,000 current and former workers had been compromised. But the company said its investigation found that those affected had not had their financial information disclosed.
Nissan North America “has no indication that any information was misused or was the target of the attack,” the automaker said in its letter.
Ransomware attacks, in which cybercriminals disable a target’s computer systems or stealing data and then demanding payment to restore service, have become increasingly common. A cybersecurity expert said someone likely obtained a password or multi-factor authentication code from an existing Nissan employee, allowing the hacker entry through the company’s VPN.
“It is unfortunate that the breach ultimately involved personal information, but Nissan did the right thing by continuing to investigate the incident and reporting the update,” said Erich Kron, cybersecurity awareness advocate at KnowBe4, to CBS MoneyWatch in an emailed statement. “In this case, targeting the VPN will often help bad actors avoid detection and bypass many organizational security controls in place.”
Grub5
