Japanese car giant Nissan has confirmed losing sensitive data on thousands of people as a result of a third-party supply chain attack.
In a press release, the company said the recent attack on Red Hat affected its customers, as well, as the latter was commissioned by Nissan to develop a customer management system for one of its sales companies – Nissan Fukuoka Sales Co. In late September, Red Hat detected unauthorized access which, as was later determined, resulted in the theft of hundreds of gigabytes of sensitive data from 28,000 private GitLab repositories.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hackers access surveillance cameras at Tesla, Cloudflare, banks, more
March 9, 2021
Hackers gained access to live surveillance cameras installed at Tesla, Equinox, healthcare clinics, jails, and banks, including the Bank of Utah. In addition to images captured from the cameras, the hacker also shared screenshots of their ability to gain root shell access to the surveillance systems used by Cloudflare and at Telsa HQ. Hacks multiple cameras in ...
- Kia Motors America suffers ransomware attack, $20 million ransom
February 17, 2021
Kia Motors America has suffered a ransomware attack by the DoppelPaymer gang, demanding $20 million for a decryptor and not to leak stolen data. Kia Motors America (KMA) is headquartered in Irvine, California, and is a Kia Motors Corporation subsidiary. KMA has nearly 800 dealers in the USA with cars and SUVs manufactured out of West ...
- Cybersecurity Risks of Connected Cars
February 16, 2021
As the use of connected cars becomes more common, the technologies that power or support these vehicles continue to evolve. This provides a host of benefits, but just like any other technology, this new territory comes with some risks. In our paper, we add some substantial information to our research from last year, in order ...
- Tesla sues ex-employee over alleged ‘brazen’ theft of confidential code
January 25, 2021
Tesla is suing a former member of staff for allegedly stealing confidential information and attempting to cover his tracks in the aftermath. The lawsuit, filed in the US Northern District of California Court, names Alex Khatilov as the alleged perpetrator, a Quality Assurance software engineer. According to Tesla’s complaint, only three days after being hired on December ...
- Nissan NA source code leaked due to default admin:admin credentials
January 8, 2021
Multiple code repositories from Nissan North America became public this week after the company left an exposed Git server protected with default access credentials. The entire collection is around 20 gigabytes large and contains source code for mobile apps and various tools used by Nissan internally for diagnostics, client acquisition, market research, or NissanConnect services. It is ...
- Adventures in MQTT Part II: Identifying MQTT Brokers in the Wild
November 18, 2020
The use of publicly accessible MQTT brokers is prevalent across numerous verticals and technology fields. I was able to identify systems related to energy production, hospitality, finance, healthcare, pharmaceutical manufacturing, building management, surveillance, workplace safety, vehicle fleet management, shipping, construction, natural resource management, agriculture, smart homes and far more. Hackers have been sounding alarms about this ...