
Unauthorized access to a contractor-managed system led to the exposure of contact data for thousands of customers.
Nissan has disclosed a data breach affecting roughly 21,000 customers linked to a former dealership in Japan, following unauthorized access to a server managed by Red Hat. The intrusion was detected in late September, and Nissan was notified in early October, according to a breach notice published by the automaker in December.
The compromised environment was part of a Red Hat Consulting-managed GitLab instance. While Nissan gave few details of the attack, Red Hat has acknowledged that an intruder accessed and copied data from this system, confirming the incident involved customer-related information of multiple organizations.
Nissan said no payment card details were stolen. However, exposed data still comprises sensitive customer information, including:
While the company says it has no evidence the data has been misused, the nature of the information raises concerns.
Such data is particularly valuable for social engineering, enabling threat actors to craft convincing emails, scam phone calls or fraudulent messages that appear to originate from legitimate businesses. Nissan has advised affected customers to remain vigilant for suspicious communications.
Neither Nissan nor Red Hat has publicly attributed the breach to a specific threat actor. However, around the time the intrusion was detected, a group calling itself Crimson Collective claimed responsibility for breaching Red Hat’s private GitLab repositories, stealing hundreds of gigabytes of data in the process.
Red Hat later confirmed the breach, and the group reportedly partnered with another cybercrime gang to pursue extortion. It remains unclear whether Nissan was directly targeted or caught up in a broader compromise of third-party infrastructure.
This incident marks Nissan’s third major data breach in three years, following earlier disclosures affecting employees in North America and customers in Oceania. The repeated incidents highlight the growing risks associated with supply-chain and third-party service providers.
For individuals impacted by data breaches, tools like Bitdefender Digital Identity Protection can help mitigate downstream risks. The service continuously monitors the public and dark web for exposed personal information, notifies users when their data appears in breaches and provides quick, one-click action items to patch weak spots in digital footprints.
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.