Nissan Canada Admits Huge Data Breach

It has not been such a merry Christmas for over a million customers of the financial division of Nissan Canada.

Nissan Canada Finance (NCF) has admitted that earlier in the month, there was “unauthorised access to personal information”.

It is thought that all current and former customers of NCF in Canada may have had their details compromised in the data breach.

Unauthorised Access

News of the breach was revealed on NCF’s corporate website just days before Christmas, and said that anyone who had financed their vehicles through Nissan Canada Finance and INFINITI Financial Services Canada, were likely to have been impacted.

“On December 11, 2017, NCF became aware of unauthorised access to personal information,” the company said.

“The unauthorised access may have impacted the following types of information for some customers: customer name, address, vehicle make and model, vehicle identification number (VIN), credit score, loan amount and monthly payment,” it said.

The firm said it was still investigating exactly what personal information has been impacted, but it was contacting all of its current and past customers – approximately 1.13 million customers.

It said that no payment card information has been affected by the breach.

NCF is offering all potentially affected customers 12 months of credit monitoring services free of charge.

Customers can obtain more information here, and the relevant Canadian privacy regulators, law enforcement and data security experts have all been notified.

“We sincerely apologise to the customers whose personal information may have been illegally accessed and for any frustration or inconvenience that this may cause,” said Alain Ballu, president, Nissan Canada Finance. “We are focused on supporting our customers and ensuring the security of our systems.”

Data Breaches

Businesses are having to become much more reactive when a data breach is discovered.

In the United States, a recent Senate bill had proposed a five year prison sentence if businesses or people failed to report a breach in a timely manner.

And this latest data breach is not the first security scare involving Nissan.

In 2016, security researcher Troy Hunt decided to go public with a security flaw for the Nissan Leaf electric car, after he gave the car maker one month to address the flaw.

The flaw with Nissan’s mobile app did not impact any life threatening systems in the car, but it could allow for heating and air-conditioning systems to be hijacked, and journey data to be accessed.

Prior to that Nissan suspended its Japanese and Global websites after they suffered a Distributed Denial Of Service (DDoS) attack by hacker collective Anonymous, in retaliation for Japan’s hunting of whales and dolphins.

Do you know all about security in 2017? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

19 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

19 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

20 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

22 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

1 day ago