The Akira ransomware group has successfully breached Nissan Australia, the Australian branch of the multinational automaker, and declared the theft of around 100GB of data. The ransomware gang, which has been active since March 2023 and previously targeted organizations in various sectors, including education, finance, and real estate, asserts that the stolen data includes personal information, project details, NDAs, and other significant information about clients and partners.
Nissan Australia has reportedly refused to meet the ransom demands, and in response, the Akira ransomware group has threatened to leak the pilfered documents. The data breach encompasses sensitive details about employees, potentially putting their personal information at risk. The ransomware group plans to upload the data within a few days, as stated in their message, and intends to confirm the incident of personal information leakage mentioned on Nissan Australia’s website.
Nissan Oceania, the regional division of the carmaker giant that includes Australia and New Zealand, had announced a cyber attack earlier in December. The company initiated an investigation and informed the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre. While the extent and details of the attack remain undisclosed, Nissan is actively working with its global incident response team to assess the incident’s scope and the potential compromise of personal information. Nissan recommends vigilance among its customers for any suspicious or scam activities and assures ongoing efforts to restore its systems.
The company plans to provide updates through its official websites, nissan.com.au and nissan.co.nz. As the Akira ransomware group escalates its threats, the incident underscores the persistent and evolving challenges posed by ransomware attacks, emphasizing the importance of robust cybersecurity measures and response strategies for organizations across industries.
Reference
