Japanese car giant Nissan has confirmed losing sensitive data on thousands of people as a result of a third-party supply chain attack.
In a press release, the company said the recent attack on Red Hat affected its customers, as well, as the latter was commissioned by Nissan to develop a customer management system for one of its sales companies – Nissan Fukuoka Sales Co. In late September, Red Hat detected unauthorized access which, as was later determined, resulted in the theft of hundreds of gigabytes of sensitive data from 28,000 private GitLab repositories.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Researcher breaches Toyota supplier portal with info on 14,000 partners
February 7, 2023
Toyota’s Global Supplier Preparation Information Management System (GSPIMS) was breached by a security researcher who responsibly reported the issue to the company. GSPIMS is the car manufacturer’s web application that allows employees and suppliers to remotely log in and manage the firm’s global supply chain. Read more… Source: Bleeping Computer
- Nissan North America data breach caused by vendor-exposed database
January 17, 2023
Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that exposed customer information. The security incident was reported to the Office of the Maine Attorney General on Monday, January 16, 2023, where Nissan disclosed that 17,998 customers were affected by the breach. Read more… Source: Bleeping Computer
- Toyota, Mercedes, BMW API flaws exposed owners’ personal info
January 4, 2023
Almost twenty car manufacturers and services contained API security vulnerabilities that could have allowed hackers to perform malicious activity, ranging from unlocking, starting, and tracking cars to exposing customers’ personal information. The security flaws impacted well-known brands, including BMW, Roll Royce, Mercedes-Benz, Ferrari, Porsche, Jaguar, Land Rover, Ford, KIA, Honda, Infiniti, Nissan, Acura, Hyundai, Toyota, and ...
- Sweden launches Europe’s most advanced Hub for Automotive Cyber Security
November 25, 2022
Research Institute engages ethical hackers and the latest research in cyber technology to combat spiraling threats to connected vehicles State owned Research Institutes of Sweden, RISE, is launching Europe’s most advanced cyber security initiative dedicated to vehicle testing. RISE Cyber Test Lab for Automotive enable the automotive industry to test vehicles by using the latest ...
- Japanese giants to offer security-as-a-service for connected cars
October 18, 2022
Japanese industrial giants NTT Communications Corporation and Denso Corporation have decided to start a business “to respond to the threat of increasingly sophisticated cyber-attacks against vehicles.” NTT Communications is a global IT services company that is a member of the NTT Group (which confusingly also operates NTT Data, another global IT services company). Denso is an ...
- Europol: 31 arrested for stealing cars by hacking keyless tech
October 18, 2022
With the support of Europol and Eurojust, the French authorities in cooperation with their Spanish and Latvian counterparts have dismantled a car theft ring which used a fraudulent software to steal vehicles without using the physical key fob. The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to get into the car ...