Nissan Confirms Data Breach Affecting 21,000 Customers After Red Hat Attack
Nissan Motor Co. disclosed on Monday that the personal data of approximately 21,000 customers was exposed in a breach at Red Hat, the software supplier responsible for hosting Nissan’s customer management systems. The incident, detected in September, stemmed from unauthorized access to Red Hat’s servers, where attackers exfiltrated data linked to Nissan Fukuoka Sales—a regional dealership in Japan.
The compromised information includes full names, physical addresses, phone numbers, email addresses, and other sales-related customer data. Nissan confirmed that financial details, such as credit card information, were not affected, and there is no evidence of misuse. The breach was limited to the affected Red Hat environment, which did not contain additional customer data.
The attack on Red Hat was first attributed to the Crimson Collective before the cybercriminal group ShinyHunters publicly leaked samples of the stolen data—hundreds of gigabytes from roughly 28,000 private GitLab repositories—in early October. Following Red Hat’s notification, Nissan promptly alerted Japan’s data protection regulator and directly informed impacted customers.
The automaker acknowledged concerns over third-party IT security, stating it is enhancing oversight of external suppliers. This marks Nissan’s second major cybersecurity incident in Japan this year, following a late-August ransomware attack by the Qilin group on its subsidiary, Creative Box. Globally, Nissan has faced repeated breaches, including a 2024 exposure of 53,000 employee records at Nissan North America and a 2023 Akira ransomware attack compromising 100,000 customers in Oceania. Requests for further comment from Nissan’s regional divisions went unanswered.
Source: https://www.techzine.eu/news/security/137491/data-of-21000-nissan-customers-leaked-via-red-hat/
Nissan Fukuoka Sales TPRM report: https://www.rankiteo.com/company/nissan-motor-corporation
Nissan Motor Co. TPRM report: https://www.rankiteo.com/company/nissan-motor-corporation
"id": "nisnis1766491709",
"linkid": "nissan-motor-corporation, nissan-motor-corporation",
"type": "Breach",
"date": "10/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '21,000',
'industry': 'Automotive',
'location': 'Fukuoka, Japan',
'name': 'Nissan Fukuoka Sales',
'type': 'Regional sales organization'}],
'attack_vector': 'Unauthorized access to data servers',
'customer_advisories': 'Affected customers were informed directly.',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '21,000',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'Personally Identifiable Information '
'(PII)',
'type_of_data_compromised': ['Full names',
'Physical addresses',
'Telephone numbers',
'Email addresses',
'Sales and marketing data']},
'date_detected': '2023-09',
'date_publicly_disclosed': '2023-10-02',
'description': 'Nissan Motor Co. reported that the personal data of '
'approximately 21,000 customers was exposed due to a data '
'breach at Red Hat, which develops and hosts customer '
'management systems for Nissan’s sales companies. The breach '
'was discovered in September, and the leaked data includes '
'full names, physical addresses, telephone numbers, email '
'addresses, and additional customer data used for sales and '
'marketing purposes. Financial data was not compromised.',
'impact': {'brand_reputation_impact': 'Negative impact on brand reputation '
'due to repeated breaches',
'data_compromised': 'Personal data of 21,000 customers',
'identity_theft_risk': 'High',
'operational_impact': 'Compromised customer trust and regulatory '
'scrutiny',
'payment_information_risk': 'None',
'systems_affected': "Red Hat's data servers hosting Nissan's "
'customer management systems'},
'initial_access_broker': {'entry_point': "Red Hat's data servers",
'high_value_targets': 'Customer management systems'},
'investigation_status': 'Ongoing',
'lessons_learned': 'The incident raises questions about the security of '
'outsourced IT environments and the need for stronger '
'oversight of external suppliers.',
'motivation': 'Data theft and extortion',
'post_incident_analysis': {'corrective_actions': 'Additional measures to '
'strengthen oversight of '
'external suppliers',
'root_causes': "Unauthorized access to Red Hat's "
'data servers by threat actors'},
'recommendations': 'Strengthen oversight of external suppliers and enhance '
'monitoring of third-party security practices.',
'references': [{'source': 'BleepingComputer'}],
'regulatory_compliance': {'regulations_violated': 'Japanese data protection '
'regulations',
'regulatory_notifications': 'Notified Japanese data '
'protection regulator'},
'response': {'communication_strategy': 'Direct notification to affected '
'customers and public disclosure',
'enhanced_monitoring': 'Additional measures to strengthen '
'oversight of external suppliers',
'incident_response_plan_activated': 'Yes',
'remediation_measures': 'Notification to Japanese data '
'protection regulator and affected '
'customers'},
'threat_actor': ['Crimson Collective', 'ShinyHunters'],
'title': 'Nissan Customer Data Breach via Red Hat Compromise',
'type': 'Data Breach'}