Nissan Motor Corporation, a multinational automobile manufacturer, has allegedly been compromised by the Everest extortion group in a massive cyber incident stemming from a third-party IT contractor. The breach reportedly targets the Global Customer Service & Sales Data (GCSSD) applications and FTP servers, which process and host data for the Nissan and Infiniti dealer networks in North America. The Everest group claims to have exfiltrated 910 GB of corporate and customer data, comprising over 180,000 files spanning from 2013 through January 2026. The threat actors assert that they gained access due to unrotated, publicly exposed credentials and a lack of multi-factor authentication on the vendor’s internet-facing infrastructure. Furthermore, Everest has published extensive negotiation logs claiming Nissan has been aware of the incident since January 15, 2026, but has relied on a “third-party vendor” defense rather than notifying affected individuals.
According to the actor, the allegedly compromised data includes:
-
Full names
-
Home addresses
-
Email addresses
-
Phone numbers
-
Auto loan data from Nissan Financial Services
-
Repair orders including Vehicle Identification Numbers (VINs), geolocation, and full service histories
-
Dealer employee data and records
-
Complete Dealer Business System source code and private encryption keys
-
Licensed Experian and InfoUSA consumer data
-
Wholesale invoices, dealer business plans, and corporate financial reports
Daily Dark WebRead More
R1
T1
