Everest Ransomware Group Claims Breach of Nissan Motor Corporation
The Everest ransomware group has alleged a breach of Nissan Motor Corporation, the Japanese automaker, posting claims on its dark web leak site on January 10, 2026. The group shared six screenshots purportedly from stolen data, displaying directory structures containing ZIP archives, text files, Excel sheets, and CSV documents. The leaked material includes internal records such as dealership reports, financial documents, audit files, and system folders, with some spreadsheets listing dealership names, addresses, and regional operations data.
While the screenshots do not show sensitive personal information, the file types and folder names suggest access to operational systems and internal processes. Everest has given Nissan five days to respond before releasing the full dataset.
This incident follows a pattern of cyberattacks targeting Nissan. In August 2025, the Qilin ransomware group claimed to have stolen 4TB of data from Nissan’s design subsidiary, Creative Box Inc.. Earlier, in March 2024, Nissan confirmed a breach affecting 100,000 employees and customers in Australia and New Zealand. The company also suffered a 2021 source code leak due to a misconfigured Git server secured with default credentials.
Everest has been highly active, targeting major organizations in 2025 and 2026, including ASUS, Chrysler, Iberia Airlines, Under Armour, Petrobras, AT&T, and Dublin Airport. As of now, Nissan has not publicly addressed the latest claims, leaving the outcome of the ransom demand uncertain.
Source: https://hackread.com/everest-ransomware-nissan-data-breach/
Nissan Motor Corporation cybersecurity rating report: https://www.rankiteo.com/company/nissan-motor-corporation
Nissan Motor Corporation cybersecurity rating report: https://www.rankiteo.com/company/nissan-motor-corporation
Nissan Motor Corporation cybersecurity rating report: https://www.rankiteo.com/company/nissan-motor-corporation
"id": "NISNISNIS1768237860",
"linkid": "nissan-motor-corporation, nissan-motor-corporation, nissan-motor-corporation",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Automobile Manufacturing',
'location': 'Japan',
'name': 'Nissan Motor Corporation',
'size': 'Large',
'type': 'Corporation'}],
'data_breach': {'data_exfiltration': 'Yes',
'file_types_exposed': ['.csv', '.txt', '.pgp', '.xls', '.zip'],
'personally_identifiable_information': 'Not explicitly shown '
'in screenshots, but '
'implied in dealership '
'and operational data',
'sensitivity_of_data': 'Potentially sensitive operational and '
'financial data',
'type_of_data_compromised': 'Operational data, internal '
'records, dealership information, '
'financial records, audit '
'reports'},
'date_publicly_disclosed': '2026-01-10',
'description': 'The Everest ransomware group claims to have breached Nissan '
'Motor Corporation, publishing screenshots of allegedly stolen '
'data on their dark web leak site. The data includes directory '
'structures, internal records, and files such as ZIP archives, '
'text files, Excel sheets, and CSV documents. The group has '
'given Nissan five days to respond before leaking the data.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'data breach claims',
'data_compromised': 'Internal records, directory structures, '
'reports, data extracts, dealership-related '
'documentation, financial records, audit '
'reports, and system folders'},
'investigation_status': 'Ongoing',
'motivation': 'Extortion',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Everest'},
'references': [{'date_accessed': '2026-01-10', 'source': 'Hackread.com'}],
'threat_actor': 'Everest Ransomware Group',
'title': 'Everest Ransomware Group Claims Breach of Nissan Motor Corporation',
'type': 'Ransomware'}