Nissan North America notified thousands of customers that their personal information may have been accessed by an unauthorized third party due to the negligence of a supplier.
The incident occurred on June 21 but wasn’t fully discovered until September 26, 2022, according to a breach notice issued by the Maine Attorney General’s Office.
Nissan read a letter to affected customers that it provided data to third-party developers to test its software.
“On June 21, 2022, Nissan received notice that certain data provided for software testing was inadvertently disclosed by a third-party service provider.
“During our investigation on September 26, 2022, it was determined that this incident likely resulted in the unauthorized access to or acquisition of data, including some personal information belonging to Nissan customers. Specifically, data embedded within code during software testing was unintentionally temporarily stored in a public cloud-based repository.”
The exposed data included customer names, dates of birth, and NMAC account numbers associated with vehicle financing.
Nissan claimed there was no evidence the data was misused, but it did provide a useful set of details to target customers with compelling phishing messages designed to elicit more information. You may offer it to scammers.
“As soon as we learned of this issue, we confirmed that our third-party provider contained the threat by disabling all unauthorized access to our data, and began a rapid and thorough investigation.” Nissan said.
“We have worked with our third-party service provider to ensure that steps are taken to prevent such events in the future. We worked closely with external cybersecurity experts.”
This is not the first security scare for Nissan customers in the region. In 2017, Nissan Canada Finance revealed that more than 1 million current and former customers may have had their details exposed in a data breach.
Then, in January 2021, poor password security exposed a 20 GB pile of internal data stored on Git servers. This included source code for some of the company’s mobile apps.
Editorial Credit Icon Image: oleg_aryutkin / Shutterstock.com
