Security News > 2023 > January > Nissan North America data breach caused by vendor-exposed database
Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that exposed customer information.
In the notification sample, Nissan claims it received notice of a data breach from one of its software development vendors on June 21, 2022.
The third party had received customer data from Nissan to use in developing and testing software solutions for the automaker, which was inadvertently exposed due to a poorly configured database.
Upon learning of the security incident, Nissan ensured the exposed database had been secured and launched an internal investigation.
In January 2021, Nissan North America experienced a similar incident, leaving a Git server exposed online with default access credentials, resulting in several repositories of the firm becoming public.
More recently, in October 2022, Toyota experienced a similar data security incident in which the personal information of 296,019 customers was exposed.
News URL
Related news
- Dutch Police: ‘State actor’ likely behind recent data breach (source)
- Comcast and Truist Bank customers caught up in FBCS data breach (source)
- Internet Archive hacked, data breach impacts 31 million users (source)
- Internet Archive data breach, defacement, and DDoS: Users’ data compromised (source)
- Fidelity Investments says data breach affects over 77,000 people (source)
- Fidelity Data Breach Exposes Data of Over 77,000 Customers (source)
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Insurance admin Landmark says data breach impacts 800,000 people (source)
- Henry Schein discloses data breach a year after ransomware attack (source)