Japanese car giant Nissan has confirmed losing sensitive data on thousands of people as a result of a third-party supply chain attack.
In a press release, the company said the recent attack on Red Hat affected its customers, as well, as the latter was commissioned by Nissan to develop a customer management system for one of its sales companies – Nissan Fukuoka Sales Co. In late September, Red Hat detected unauthorized access which, as was later determined, resulted in the theft of hundreds of gigabytes of sensitive data from 28,000 private GitLab repositories.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- US senators ask FTC to investigate car makers’ privacy practices
July 29, 2024
An ongoing US Senate investigation indicated that connected car makers violate consumer privacy by sharing and selling drivers’ data, including their location, on a vast scale, and that the same car makers often obtain consumer consent through deception. Based on this investigation, senators have urged the Federal Trade Commission (FTC) to investigate automakers’ disclosure of millions ...
- APT41 Has Arisen From the DUST
July 18, 2024
Recently, Mandiant became aware of an APT41 intrusion where the malicious actor deployed a combination of ANTSWORD and BLUEBEAM web shells for persistence. These web shells were identified on a Tomcat Apache Manager server and active since at least 2023. APT41 utilized these web shells to execute certutil.exe to download the DUSTPAN dropper to stealthily load ...
- Car Dealerships Across US Halt Services After Cyberattack
June 20, 2024
Thousands of car dealerships were ground to a halt during a normally busy holiday Wednesday by a cyber incident at CDK Global, a major software provider for dealers across the US. The company “shut all systems down and executed extensive testing and consulted with external third-party experts,” Tony Macrito, a CDK spokesman, said in an email. ...
- Cinterion EHS5 3G UMTS/HSPA Module Research
June 13, 2024
Modems play an important role in enabling connectivity for a wide range of devices. This includes not only traditional mobile devices and household appliances, but also telecommunication systems in vehicles, ATMs and Automated Process Control Systems (APCS). When integrating the modem, many product developers do not think of protecting their device from a potential modem compromise. ...
- Philippines: Toyota, Robinsons Land confirm data breaches
June 6, 2024
Carmaker Toyota and real estate firm Robinsons Land have confirmed reports of data breaches in their company and are now under evaluation by the National Privacy Commission (NPC). In a statement Thursday, NPC Compliance and Monitoring Division chief Rainier Milanes said Robinsons Land notified the NPC of a breach on June 1 while Toyota made a ...
- GM stops sharing driver data with brokers amid backlash
March 22, 2024
After public outcry, General Motors has decided to stop sharing driving data from its connected cars with data brokers. Last week, news broke that customers enrolled in GM’s OnStar Smart Driver app have had their data shared with LexisNexis and Verisk. Those data brokers in turn shared the information with insurance companies, resulting in some drivers ...