### Everest Group Claims Data Theft from Nissan Vendor **Nissan** has acknowledged a potential data breach stemming from a cyber incident impacting one of its third-party vendors. The **Everest** hacking group has claimed responsibility, stating they successfully breached a file transfer system utilized by a company providing services to **Nissan** and **Infiniti** dealerships across North America. According to **Everest**, the breach resulted in the theft of 910 gigabytes of sensitive data. This allegedly includes information pertaining to customers, dealerships, and loans offered to car buyers. ### Nissan's Response A **Nissan** spokesperson stated that the company is aware of the incident and has launched an investigation. The investigation has so far indicated that the breach was isolated to the vendor's systems, and that there is "no indication that **Nissan** systems were compromised or that any **Nissan** customer information was accessed or put at risk." **Nissan** is collaborating with the vendor as it continues its investigation. ### Extortion Attempts and Failed Negotiations **Everest** claims the breach occurred in January and that they initially attempted to extort **Nissan** for a ransom in exchange for not releasing the data. These negotiations reportedly failed. The group has threatened to release the stolen data publicly. ### A History of Security Incidents This incident is not the first time **Nissan** has been targeted. The company has experienced several security incidents in recent years, including data breaches in 2022 and 2023 that exposed the information of 22,000 and 53,000 individuals, respectively. In 2024, a cyberattack exposed the personal information of approximately 100,000 **Nissan** customers and employees in Australia and New Zealand. Despite these security challenges, **Nissan** remains a major player in the automotive industry, reporting significant net sales in 2024.