Nissan Australia has confirmed that customer data was accessed during its December cyber breach and subsequently posted on the dark web, potentially exposing local Nissan owners to identity theft, scams and fraud – among other possible offenses.
News of the cyberattack on the Japanese car-maker first broke on December 8, when Nissan Australia and New Zealand urged its customers to be “vigilant across their accounts” and monitor them for “any unusual or scam activities”.
Today, Nissan Australia and NZ confirmed that local customer data was accessed and issued new recommendations for its buyers to change their online passwords, enable multi-factor authentication where possible and avoid clicking on any links or opening any suspicious emails or attachments.
“We are now aware that some data was accessed in the incident and posted on the dark web,” said Nissan’s local division in a statement on its website today.
“We are working urgently with our global incident response team and cyber forensic experts to understand what information was accessed and the types of information that was posted on the dark web.
“Where we identify customer data has been accessed in a manner which gives rise to a risk of serious harm, we will contact you in accordance with our legal obligations, including to let you know what information was involved and what support is available to you.
“We have already notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre, and the relevant privacy regulators and law enforcement bodies, and we are keeping them updated on our investigation.
“We are deeply sorry for any concerns this has caused for those who have been impacted.
“Thank you for your understanding and patience with our team at this time.”
This is the latest development in the second high-profile cyber incident to affect Australian car owners in the past 12 months or so, following an international privacy breach that involved 2800 local Toyota customers in May last year.
While Nissan is working frantically to ascertain exactly what information has been accessed and leaked online, the Toyota breach included names, addresses, phone numbers, email addresses, customer IDs, vehicle registration and vehicle identification numbers (VINs).
Perhaps more worrying is the fact data including customer credit card details could also have been accessed.
Apart from listing steps you can take to help safeguard against identity theft, scams or fraud, Nissan has established a dedicated contact line to provide updates (03 9000 0814) between 8:30am-5:00pm AEDT weekdays.
It also advises affected customers to contact IDCare, the national identity and cyber support service in Australia (1800 595 160) and NZ (0800 121 068), to report a scam in Australia by visiting?Scamwatch.
Nissan will provide updates on the situation via a dedicated landing page on its Australian website and you can request a free credit report and check for any applications or requests that you did not make from a credit reporting body in Australia (Equifax, illion and Experian) or New Zealand (Centrix, Equifax and illion).
Join the conversation at
Or email us at
Nissan confirms local customer data accessed in cyberattack - carsales.com.au - carsales.com.au
Read More
No comments:
Post a Comment