Representatives of the world renowned car manufacturer Nissan Motor Co., Ltd. issued a statement admitting that the company's systems were penetrated by a hacker who apparently managed to steal user IDs and password hashes.
The incident took place on April 13, 2012, when the organization’s IT security team noticed the presence of a piece of malware within the network. Immediate action was taken to protect sensitive data.
“This included actions to protect information related to customers, employees and other partners worldwide. This incident initially involved the malicious placement of malware within our IS network, which then allowed transfer from a data store, housing employee user account credentials,” said Andy Palmer, the firm’s executive vice president.
“As a result of our swift and deliberate actions we believe that our systems are secure and that no customer, employee or program data has been compromised. However, we believe that user IDs and hashed passwords were transmitted. We have no indication that any personal information and emails have been compromised,” he added.
This is not the first time when Nissan suffers a data breach. Back in February, the hacker known as Sepo demonstrated that he was able to easily gain access to the official website of Nissan Motors in Columbia.
At the time, the hacker leaked usernames and password hashes that belonged to the site’s administrators.
Hopefully, this incident will act as a wake-up call for the company. It’s clear that they have some security holes that need to be addressed and they’d better do something fast before their customers’ credentials end up online, or in the hands of cybercriminals with a malicious agenda.