Nissan Motor Company and Nissan Financial Services in Australia and New Zealand have started contacting affected individuals who had their personal information leaked as part of a cyber attack that occurred late last year.
The Japanese carmaker currently expects to notify around 100,000 individuals about the cyber attack over the coming weeks, though it’s expecting this number to reduce as contact details are verified and duplicate names are removed from the list.
Affected individuals that have been affected by this cyber attack include “some” Nissan customers, dealers, as well as “some” current and former employees.
Other affected individuals include customers of Nissan Financial Services’ Mitsubishi, Renault, Skyline, Infiniti, LDV and RAMS-branded finance businesses.
Nissan claims the type of information that was leaked is “different for each person”. It currently estimates 10 per cent of individuals have had some form of government identification compromised.
The data set includes approximately 220 passports, 4000 Medicare cards, 7500 driver’s licences, and 1300 tax file numbers.
Nissan claims the remaining 90 per cent of individuals affected in this cyber attack have had some other form of personal information impacted. This could include copies of loan-related transactions for loan accounts, employment or salary information, or general information such as dates of birth.
This particular cyber attack occurred on December 5, 2023, and was claimed to be carried out by a malicious third party that obtained unauthorised access to Nissan’s IT servers in Australia and New Zealand.
Nissan Australia claims it took “immediate action” to contain the breach and alerted relevant government authorities, including the Australian and New Zealand national cyber security centres and privacy regulators.
The company has since restored its systems and is continuing to work with its global incident response team and relevant authorities to investigate the extent of the cyber attack.
Following this breach Nissan Australia and New Zealand has put a number of services in place to support individuals who have had their personal information comprised.
These services include IDCARE, free credit monitoring, and reimbursement where the replacement of government ID is recommended by the relevant issuing authority.
Nissan also has a dedicated customer support phone line that can be contacted between 7AM and 7PM AEDT on weekdays. In Australia the phone number is 1800 958 000, and in New Zealand the phone number is 0800 44 50 14.
In addition to the above measures, Nissan Australia is also “encouraging the community” to heed the following steps:
- Be vigilant for any unusual or suspicious online activity
- Avoid clicking on any links or opening any suspicious emails or attachments
- Be vigilant for any unrecognised or unsolicited telephone calls, emails or messages asking you to provide personal information
- Always verify the sender of any communications received to make sure they’re legitimate
- Update your passwords regularly, using ‘strong’ passwords and not re-using passwords for multiple accounts
- Enable multi-factor authentication for your online accounts where available
- Report a scam in Australia by visiting Scamwatch at www.scamwatch.gov.au
“We understand the worry and anxiety that can arise when someone is told their personal information might be in the public domain,” said Nissan Financial Services managing director Andrew Maeer.
“That’s why it is important for us to gather enough information about the data breach so that we can understand the risks to people and provide them with the relevant advice and support.
“We are very sorry this has happened, and we sincerely apologise to all our customers, dealers and staff.
“We have put in place a range of support services, including access to ID Care, free credit monitoring, and reimbursement for government identification where required.
“Moving forward, we are fully committed to learning from this incident and implementing the necessary improvements to minimise the risk of similar occurrences in future.”