Everest Ransomware Strikes Nissan in Major Data Breach
The Russia-linked cybercrime group Everest Ransomware has claimed responsibility for a significant cyberattack on Nissan Motor Corporation, resulting in the theft and public release of approximately 900GB of sensitive data. The breach, announced on January 10, 2026, follows the group’s previous high-profile attack on ASUS in December 2025, where nearly 1TB of data was exfiltrated.
According to Everest, the stolen Nissan data now published on the dark web includes dealer names, addresses, contact details, employee records, and confidential dealership program documentation. A leaked screenshot provided as proof underscores the severity of the breach, which exposes personally identifiable information (PII) and internal business operations. The public release suggests failed ransom negotiations, if any occurred.
This incident marks the latest in a series of cybersecurity challenges for Nissan. In December 2025, the company reported a breach affecting 21,000 customers via a vulnerability in Red Hat’s Content Management System (CMS), used for sales and inventory management. Earlier, in November 2024, the Akira Ransomware group targeted Nissan’s Australia and New Zealand operations, compromising data on over 100,000 individuals.
The repeated attacks highlight the automotive sector’s growing vulnerability to ransomware, as digitization expands the attack surface for cybercriminals. While Nissan has not yet confirmed the full scope of the Everest breach, the incident underscores the escalating threat posed by sophisticated ransomware groups to global enterprises.
Source: https://www.cybersecurity-insiders.com/everest-ransomware-targets-nissan-following-asus-data-breach/
ASUS cybersecurity rating report: https://www.rankiteo.com/company/asus
Nissan Motor Corporation cybersecurity rating report: https://www.rankiteo.com/company/nissan-motor-corporation
"id": "ASUNIS1768259448",
"linkid": "asus, nissan-motor-corporation",
"type": "Ransomware",
"date": "1/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Automotive',
'location': 'Japan',
'name': 'Nissan Motor Corporation',
'size': 'Large',
'type': 'Corporation'}],
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Dealer names',
'Physical addresses',
'Contact information',
'Employee records',
'Confidential dealership program '
'documentation']},
'date_publicly_disclosed': '2026-01-10',
'description': 'The Russia-linked cybercrime group Everest Ransomware '
'launched a major cyberattack against Nissan Motor '
'Corporation, resulting in the theft of approximately 900GB of '
'sensitive data. The stolen data was released on the dark web '
'and includes dealer names, addresses, contact information, '
'employee records, and confidential dealership program '
'documentation.',
'impact': {'brand_reputation_impact': 'High',
'data_compromised': '900GB',
'identity_theft_risk': 'High',
'operational_impact': 'Exposure of internal business operations '
'and dealership programs'},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes'},
'motivation': 'Financial gain, Data exfiltration',
'ransomware': {'data_exfiltration': 'Yes',
'ransomware_strain': 'Everest Ransomware'},
'references': [{'date_accessed': '2026-01-10',
'source': 'Everest Ransomware public announcement'}],
'threat_actor': 'Everest Ransomware',
'title': 'Everest Ransomware Attack on Nissan Motor Corporation',
'type': 'Ransomware'}