iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Automaker Nissan has said it is looking into an incident that may have impacted its Australian and New Zealand operations.
Nissan’s Australian and New Zealand websites are alerting users of a cyber incident that has caused some disruption to its local networks.
The alert is currently a pop-up on its local websites and the first item below the masthead on the sites themselves. The sites are in operation, but Nissan is warning customers of potential scam activity.
“The Australian and New Zealand Nissan Corporation and Financial Services (‘Nissan’) advises that its systems have been subject to a cyber incident,” Nissan said in its alert. “Nissan is working with its global incident response team and relevant stakeholders to investigate the extent of the incident and whether any personal information has been accessed. Nissan has also notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre.”
The alert goes on to say that the incident is being investigated and that work is ongoing.
“Nissan is working to restore its systems as soon as possible and will continue to provide updates by its website available via nissan.com.au and nissan.co.nz,” Nissan said.
“Nissan thanks you for your understanding during this process, and asks that you have patience with us and our staff while we do our best to work through these issues.”
Nissan also noted that the incident does not appear to have impacted its dealer networks and that local dealerships are still open for all services.
No threat actor has yet taken responsibility for the hack, and threat intelligence feeds – such as FalconFeeds – have no report on any related incidents. Nissan has not provided any specific dates when the incident occurred, when it was first noticed, or the specific nature of the incident.
The incident follows reports that the NoEscape ransomware gang was responsible for an attack on a Nissan dealership in the United States in October 2023 and threatened to publish four gigabytes of personal and internal data if a ransom was not paid.
The original post has since been deleted from the gang’s leak site. Cyber Daily does not allege that any ransom has been paid relating to the incident.
Cyber Daily is awaiting further commentary from Nissan.
Paul Prudhomme, Rapid7’s principal security analyst and author of the Japan Cyber Threat Landscape Report, told Cyber Daily earlier in the year that the big Japanese multinationals are seen as a ripe target for hackers - ransomware operators in particular.
"Japan, in particular, I think, is strategically important, not just for the size, but really for its global footprint," Prudhomme said in an interview. "So many Japanese multinational companies, or global brands, are sort of very easily recognisable names all around the world. In fact, they’ve been so integrated into the world economy, you almost don’t think of them as Japanese, per se, except when you find out, 'Oh, it’s Mitsubishi.' It’s so integrated into the world community that you almost don’t think of them as being Japanese."
"But they are, which of course, raises the interesting wrinkle of Japanese companies getting hacked through their overseas subsidiaries."
Updated 8/12/23 to include Rapid7 quote.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
