Security News > 2023 > January > Nissan North America data breach caused by vendor-exposed database
Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that exposed customer information.
In the notification sample, Nissan claims it received notice of a data breach from one of its software development vendors on June 21, 2022.
The third party had received customer data from Nissan to use in developing and testing software solutions for the automaker, which was inadvertently exposed due to a poorly configured database.
Upon learning of the security incident, Nissan ensured the exposed database had been secured and launched an internal investigation.
In January 2021, Nissan North America experienced a similar incident, leaving a Git server exposed online with default access credentials, resulting in several repositories of the firm becoming public.
More recently, in October 2022, Toyota experienced a similar data security incident in which the personal information of 296,019 customers was exposed.
News URL
Related news
- Free, France’s second largest ISP, confirms data breach after leak (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- How to Effectively Manage a Data Breach (source)
- Amazon confirms employee data breach after vendor hack (source)
- HIBP notifies 57 million people of Hot Topic data breach (source)
- US space tech giant Maxar discloses employee data breach (source)
- Fintech giant Finastra investigates data breach after SFTP hack (source)
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Texas Tech University System data breach impacts 1.4 million patients (source)