Nissan Confirms Data Breach from Third-Party Vendor Amid Everest Ransomware Threat

Severity: Medium (Score: 48.9)

Sources: Scworld, Therecord.Media, Cybernews

Summary

Nissan has confirmed a data breach involving a third-party vendor after the Everest ransomware group claimed to have stolen 910GB of sensitive data, including customer and dealership information. The breach occurred through the file transfer system used by Nissan and Infiniti dealerships in North America. Everest has threatened to release the stolen data if a ransom is not paid, highlighting that Nissan has not compromised its own systems. The ransomware group claims to have obtained data from a compromised FTP server, which had exposed credentials that were publicly available since September 2023. Despite the breach, Nissan stated that there is no indication that customer information was accessed or put at risk. The situation is compounded by Everest's history of targeting Nissan, including a previous incident in 2024 affecting nearly 100,000 customers. As of April 3, 2026, Everest warned it would publish the stolen data if the ransom demand is not met. Key Points: • Nissan confirmed a data breach involving a third-party vendor, not its own systems. • Everest ransomware group claims to have stolen 910GB of sensitive data from Nissan. • The breach exploited exposed credentials on an FTP server used by dealerships.

Key Entities

• Data Breach (attack_type)
• Ransomware (attack_type)
• Nissan (company)
• Nissan Financial Services (company)
• Australia (country)
• New Zealand (country)
• T1041 - Exfiltration Over C2 Channel (mitre_attack)
• T1567 - Exfiltration Over Web Service (mitre_attack)
• Everest (ransomware_group)