Today, the Akira ransomware gang claimed that it breached the network of Nissan Australia, the Australian division of Japanese car maker Nissan. In a new entry added to the operation’s date leak blog on December 22, Akira says that its operators allegedly stole around 100GB of documents from the automaker’s systems.
The attackers have threatened to leak sensitive business and client data online, as ransom negotiations with Nissan failed after the company either refused to engage or pay the ransom. “They seem not to be very interested in the data, so we will upload it for you within a few days,” the ransomware group says. “You will find docs with personal information of their employees in the archives and much other interested stuff like NDAs, projects, information about clients and partners etc.”
While the company has yet to attribute a cyberattack disclosed on December 5, it did add a new update to its website today confirming that attackers have breached some of its systems in Australia and New Zealand. Nissan says it’s still investigating the incident’s impact and whether personal information has been accessed. It’s also working on restoring systems affected in the attack (a process that started on December 5, after the incident was disclosed.
After detecting the breach, Nissan notified the Australian and the New Zealand Cyber Security Centres and relevant privacy regulators and law enforcement bodies. Likely because of the risk that some data stored on the compromised systems was either accessed or stolen, Nissan also warned customers to “be vigilant for any unusual or suspicious online activity.”