Nissan Motor Company has publicly confirmed a big information breach stemming from unauthorized entry to Crimson Hat servers. Managed by a third-party contractor accountable for growing a buyer administration system.
The incident uncovered private data for roughly 21,000 Nissan Fukuoka Gross sales Co., Ltd. prospects. Crimson Hat, the contracted service supplier, detected the unauthorized server entry on September 26, 2025.
The corporate instantly revoked the attacker’s entry and applied countermeasures to stop additional intrusions.
21,000 Prospects Affected by Auto Information Breach
Nevertheless, notification to Nissan was delayed by per week. Crimson Hat knowledgeable Nissan Motor of the breach on October 3, 2025.
Prompting the automotive firm to report the incident to the Private Data Safety Fee on the identical day.
The leaked dataset contains buyer names, addresses, phone numbers, and partial e-mail addresses. Gross sales-related buyer data is utilized by Nissan’s vendor community.
Notably, the breach didn’t embrace bank card data or fee particulars, considerably limiting the chance of economic fraud. The affected buyer inhabitants contains people who bought autos or obtained service on the previously named Fukuoka Nissan Motor Co., Ltd…
It has since rebranded as Nissan Fukuoka Gross sales Co., Ltd. Nissan acknowledged it’s going to individually notify affected prospects and supply steering on protecting measures.
At present, no proof signifies that the compromised information has been exploited for fraudulent functions or offered on underground markets.
However, Nissan suggested prospects to stay vigilant towards suspicious communications, together with misleading cellphone calls or fraudulent correspondence.
The automotive producer confirmed that the Crimson Hat server atmosphere doesn’t comprise buyer information past the leaked dataset.
Eliminating issues about further breaches from the identical infrastructure. In response to the incident, Nissan Motor introduced it might strengthen oversight of contractors.
Improve data safety protocols throughout its operations. The corporate prolonged apologies to affected prospects and enterprise companions.
AI-Powered ISO 27001, SOC 2, NIST, NIS 2, and GDPR Compliance Guidelines => Begin for Free
