Security News > 2023 > January > Nissan North America data breach caused by vendor-exposed database
Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that exposed customer information.
In the notification sample, Nissan claims it received notice of a data breach from one of its software development vendors on June 21, 2022.
The third party had received customer data from Nissan to use in developing and testing software solutions for the automaker, which was inadvertently exposed due to a poorly configured database.
Upon learning of the security incident, Nissan ensured the exposed database had been secured and launched an internal investigation.
In January 2021, Nissan North America experienced a similar incident, leaving a Git server exposed online with default access credentials, resulting in several repositories of the firm becoming public.
More recently, in October 2022, Toyota experienced a similar data security incident in which the personal information of 296,019 customers was exposed.
News URL
Related news
- GrubHub data breach impacts customers, drivers, and merchants (source)
- HPE notifies employees of data breach after Russian Office 365 hack (source)
- Fintech giant Finastra notifies victims of October data breach (source)
- US drug testing firm says data breach impacted 3.3 million people (source)
- US drug testing firm DISA says data breach impacts 3.3 million people (source)
- Background check, drug testing provider DISA suffers data breach (source)
- Data breach at Japanese telecom giant NTT hits 18,000 companies (source)
- PowerSchool previously hacked in August, months before data breach (source)
- Western Alliance Bank notifies 21,899 customers of data breach (source)
- Sperm donation giant California Cryobank warns of a data breach (source)