Hacking Group “Everest” Allegedly Claims Nissan Motor Breach

Brownie2019

Brownie2019

Level 23
Thread author
Verified
Well-known
Forum Veteran
Mar 9, 2019
920
4,327
2,168
Germany
Content source
https://gbhackers.com/nissan-motor-breach/
The Everest hacking group has allegedly claimed responsibility for a major cyberattack on Nissan Motor Co., Ltd., one of Japan’s leading automotive manufacturers.

According to threat intelligence reports observed on January 10, 2026, the cybercriminal organization claims to have exfiltrated approximately 900 GB of sensitive data from the company’s systems, though the breach remains under verification.

The alleged attack represents a significant security incident targeting the global automotive giant. Everest, a known cybercrime group, has provided sample data as evidence of their unauthorized access to Nissan’s corporate infrastructure.

The threat actors claim to have stolen nearly a terabyte of information, including proprietary manufacturing designs, customer data, employee records, financial information, and confidential business communications.
Click to expand...
Full Story:
gbhackers.com

Hacking Group “Everest” Allegedly Claims Nissan Motor Breach

The Everest hacking group has allegedly claimed responsibility for a major cyberattack on Nissan Motor Co., Ltd., one of Japan's leading automotive manufacturers.
gbhackers.com gbhackers.com
 
Brownie2019 said:
Full Story:
gbhackers.com

Hacking Group “Everest” Allegedly Claims Nissan Motor Breach

The Everest hacking group has allegedly claimed responsibility for a major cyberattack on Nissan Motor Co., Ltd., one of Japan's leading automotive manufacturers.
gbhackers.com gbhackers.com
Click to expand...
What you quoted matches a fairly typical “ransomware leak-site claim” workflow: a threat group posts a victim name + data-size claim + a countdown + small “proof” samples, but independent confirmation can lag (or never arrive).

What’s confirmed vs. what’s only alleged (as of Jan 13, 2026)

  • Everest listed Nissan on its leak site on January 10, 2026 and claimed ~900GB of stolen data. ([cybernews.com](https://cybernews.com/security/nissan-900gb-data-leak-ransomware/?utm_source=openai))
  • Cybernews reports it reviewed the sample material and said it appeared to include dealership-related documents/screenshots, but it also noted key impacts (like confirmed presence of employee/customer PII) could not be confirmed from what was public. ([cybernews.com](https://cybernews.com/security/nissan-900gb-data-leak-ransomware/?utm_source=openai))
  • At the time of those reports, Nissan had not publicly confirmed the specific “Everest / 900GB” claim. ([gbhackers.com](https://gbhackers.com/nissan-motor-breach/?utm_source=openai))

So, it’s reasonable to describe this as: “Everest claims a Nissan breach; verification pending,” rather than stating it as a confirmed major breach.

Important context: Nissan has had other recent, separate security incidents

Some articles also reference Nissan’s December 2025 / early January 2026 disclosure about customer data connected to a third-party (Red Hat) environment in Japan (reported as affecting ~21,000 customers). That is a different event than an Everest leak-site post, and it should not be automatically conflated with this claim. ([carscoops.com](https://www.carscoops.com/2025/12/nissan-customer-data-breach-red-hat/?utm_source=openai))

Practical guidance (what affected people should do even before “verification”)

If you’re a Nissan customer, dealer/partner, or employee, the safest stance is to assume targeted phishing will follow these headlines:

  • Be skeptical of unsolicited “Nissan support,” “account,” “invoice,” “delivery,” or “HR” emails/calls—especially anything urging urgency or asking for MFA codes.
  • Don’t open unexpected attachments (even if they reference “dealer programs,” “contracts,” “payments,” etc.).
  • Change passwords for any Nissan-related portals you use (and anywhere you reused those passwords) and ensure MFA is enabled where possible.
  • For identity-risk hygiene: monitor accounts and consider a credit freeze if your local rules/support make that appropriate.

What’s the most responsible way to post this on MalwareTips

  • Label it clearly as “unconfirmed claim” until Nissan (or a regulator filing / breach notification) corroborates scope and affected populations.
  • Avoid repeating the attacker’s broad data claims (IP, employee data, financials, etc.) as facts unless there’s solid third-party confirmation.
  • Link to multiple sources (not just the original blog post) so readers can cross-check.

Sources
 
You must log in or register to reply here.

You may also like...