Overview
- Nissan attributes the exposure to Red Hat’s September incident and says it began notifying Japan’s privacy regulator on October 3 and is contacting affected individuals.
- About 21,000 people who bought vehicles or received service at Nissan Fukuoka Sales Co. were impacted, according to the company’s disclosure.
- The leaked fields include names, physical addresses, phone numbers, partial email addresses and sales-related records, while financial data such as credit card details was not included.
- Red Hat’s breach involved data taken from roughly 28,000 private GitLab repositories, was claimed by Crimson Collective, and later saw samples hosted by ShinyHunters.
- Reporting on the Red Hat intrusion notes stolen authentication tokens, database URIs and Customer Engagement Reports were used to access customer environments, and Nissan says the Red Hat servers did not store other Nissan data and there is no confirmed misuse.