Security News > 2023 > January > Nissan North America data breach caused by vendor-exposed database
Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that exposed customer information.
In the notification sample, Nissan claims it received notice of a data breach from one of its software development vendors on June 21, 2022.
The third party had received customer data from Nissan to use in developing and testing software solutions for the automaker, which was inadvertently exposed due to a poorly configured database.
Upon learning of the security incident, Nissan ensured the exposed database had been secured and launched an internal investigation.
In January 2021, Nissan North America experienced a similar incident, leaving a Git server exposed online with default access credentials, resulting in several repositories of the firm becoming public.
More recently, in October 2022, Toyota experienced a similar data security incident in which the personal information of 296,019 customers was exposed.
News URL
Related news
- UN aviation agency investigating possible data breach (source)
- Washington state sues T-Mobile over 2021 data breach security failures (source)
- UN aviation agency confirms recruitment database security breach (source)
- Largest US addiction treatment provider notifies patients of data breach (source)
- STIIIZY data breach exposes cannabis buyers’ IDs and purchases (source)
- EU law enforcement training agency data breach: Data of 97,000 individuals compromised (source)
- Wolf Haldenstein law firm says 3.5 million impacted by data breach (source)
- Otelier data breach exposes info, hotel reservations of millions (source)
- PayPal to pay $2 million settlement over 2022 data breach (source)
- UnitedHealth now says 190 million impacted by 2024 data breach (source)