The Qilin ransomware group claimed a 4TB data breach at Nissan CBI, a Tokyo-based design subsidiary of Nissan Motor Co. The attackers exfiltrated 405,882 files, including 3D vehicle design data, CAD models, VR design images, financial spreadsheets (project timelines, cost estimates), internal reports, and proprietary automotive project documents. As proof, Qilin leaked samples: high-detail 3D renders of Nissan vehicles, financial/operational spreadsheets in Japanese, photorealistic car interior designs, and VR-based design workflows.The breach poses long-term competitive risks, as exposed trade secrets (e.g., advanced prototyping data) could be exploited by competitors or counterfeiters. The group threatened full disclosure if ransom demands are ignored, escalating reputational and intellectual property damage. Qilin, linked to prior high-impact attacks (e.g., 2024 NHS Synnovis breach causing patient deaths), underscores the severity of the threat. Nissan has not yet issued an official response.
Source: https://hackread.com/qilin-ransomware-gang-4tb-data-breach-nissan-cbi/
TPRM report: https://www.rankiteo.com/company/tbwachiatday
"id": "tbw543083025",
"linkid": "tbwachiatday",
"type": "Ransomware",
"date": "6/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'automotive design',
'location': 'Tokyo, Japan',
'name': 'Nissan Creative Box Inc. (CBI)',
'type': 'subsidiary'}],
'data_breach': {'data_exfiltration': True,
'file_types_exposed': ['3D design files (CAD)',
'spreadsheets (XLS/CSV)',
'images (JPG/PNG)',
'videos',
'PDF/documents',
'VR design files'],
'number_of_records_exposed': '405,882 files (~4TB)',
'sensitivity_of_data': 'high (trade secrets, proprietary '
'designs, internal '
'financial/operational data)',
'type_of_data_compromised': ['proprietary vehicle design '
'files (3D models, CAD '
'renderings)',
'financial/operational data '
'(spreadsheets)',
'internal project documents '
'(reports, photos, videos)',
'VR design workflow files']},
'description': 'The Qilin ransomware group claims to have compromised '
'Nissan’s Creative Box Inc. (CBI), a Tokyo-based design '
'subsidiary of Nissan Motor Co., Ltd., stealing over 4TB of '
'sensitive data, including 3D design files, financial data, VR '
'design images, and internal documents. The group threatens to '
'release the data unless demands are met. Sample files leaked '
'include 3D CAD renderings, financial spreadsheets, '
'photorealistic car interior renders, and VR design workflow '
'images.',
'impact': {'brand_reputation_impact': 'high (potential long-term competitive '
'and reputational risks due to exposure '
'of proprietary designs)',
'data_compromised': ['3D design data (CAD models)',
'financial/operational spreadsheets '
'(Japanese)',
'photorealistic car interior renders',
'VR design workflow images',
'internal reports',
'photos',
'videos',
'project documents']},
'initial_access_broker': {'high_value_targets': ['proprietary vehicle design '
'files',
'financial data']},
'investigation_status': 'ongoing (Nissan has not released an official '
'statement as of the report)',
'motivation': 'financial extortion (ransomware-as-a-service model)',
'ransomware': {'data_exfiltration': True,
'ransomware_strain': 'Qilin (aka Agenda)'},
'references': [{'source': 'Hackread.com',
'url': 'https://www.hackread.com/qilin-ransomware-nissan-cbi-data-breach/'}],
'threat_actor': 'Qilin (aka Agenda) ransomware group',
'title': 'Qilin Ransomware Claims 4TB Data Breach at Nissan Creative Box Inc. '
'(CBI)',
'type': ['data breach', 'ransomware attack']}