Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense
Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense

Incident Of The Week: Finance Co. Says 1.1M Buyers Hit In Data Breach

Add bookmark
Dan Gunderman
Dan Gunderman
12/29/2017

In the dynamic world of cyber security, breaches are both tightly guarded and, sadly, imminent.

Combing through data, market research and threat-defense efforts taken by enterprises can be a daunting task. Here at Cyber Security Hub, we both track the latest industry news and make it more navigable for the IT professional. CSHub coverage extends outwards – as it helps enterprises batten down their proverbial hatches.

In this edition of “Incident of the Week,” we examine a heavy data breach that may have exposed 1.13 million consumers who’ve financed vehicles through Nissan Canada Finance (NCF) and INFINITI Financial Services Canada.

The news comes as another startling reminder to enterprises and data security researchers about the pervasive effects of data heists.

According to a press release on the matter posted to Market Wired, unauthorized users gained access to personal information on NCF customers – which in total is estimated to be 1.13 million.

NCF became aware of the situation on Dec. 11, 2017. They’ve said that the following information may have been compromised: customer name, address, vehicle make and model, vehicle identification number (VIN), credit score, loan amount and monthly payment.

See Related: Incident Of The Week: Unsecure Cloud Could Have Compromised 123M Americans

The statement reads, “We are still investigating exactly what personal information has been impacted.”

NCF is not currently aware of the exact scale of the data heist, but it is notifying its large customer base. These are consumers who’ve financed through the aforementioned companies.

In its statement, the company wrote, “At this time, there is no indication that customers who financed vehicles outside of Canada are affected. In addition, no payment card information was affected.”

NCF added that it is taking “prompt action” to notify any affected customers. They’ll also be offered 12 months of free credit monitoring through TransUnion. This is being offered to customers not affected by the breach as well.

The company has also informed Canadian privacy regulators, law enforcement and data security experts to deepen its investigation.

See Related: Incident Of The Week: 'Triton' Malware Takes Down Industrial Plant

Alain Ballu, president of Nissan Canada Finance, said in the statement, “We sincerely apologize to the customers whose personal information may have been illegally accessed and for any frustration or inconvenience that this may cause. We are focused on supporting our customers and ensuring the security of our systems.”

As SC Magazine points out, the latest revelation comes two years after independent researchers discovered a vulnerability embedded in the Nissan LEAF electric car’s mobile app. Exploited, the flaw could have tampered with trip data and the vehicle’s heating and air-conditioning units.

On the enterprise level, the breach underscores the importance of proper and multi-layered information security methods. This comes as more and more cyber-thieves gun for exposed or vulnerable PII.

Photo Credit: Shutterstock.com

Tags: Incident of the Week Breach Cyber Attack Data Information Security InfoSec Nissan Canada Finance NCF INFINITI Financial Services Canada Statement

Upcoming Events

Building cyber resilience

24 April, 2024
Online

Register Now | View Event
Building cyber resilience

Building high-performing development teams: Harnessing tools, processes & AI

02 May, 2024
Online

Register Now | View Event
Building high-performing development teams: Harnessing tools, processes & AI

Digital Identity Week

June 11 - 13, 2024
Melbourne, Victoria

Register Now | View Agenda | View Event
Digital Identity Week

Anti-Financial Crime Exchange Europe 2024

September 19-20
Frankfurt, Germany

Register Now | View Agenda | View Event
Anti-Financial Crime Exchange Europe 2024
MORE EVENTS

Follow Us

         

Latest Webinars

Building high-performing development teams: Harnessing tools, processes & AI

2024-05-02
11:00 AM - 12:00 PM EDT

Discover how to enhance your development team’s efficiency through advanced tools, Agile methodologi...
Building high-performing development teams: Harnessing tools, processes & AI

Building cyber resilience

2024-04-24
11:30 AM - 12:30 PM SGT

Why it’s essential that technology seamlessly connects IT, security, risk and the business
Building cyber resilience

Strategies to enhance secure customer onboarding

2024-03-27
11:30 AM - 12:30 PM SGT

Focus on achieving speedy and secure customer onboarding and combat user lifecycle fraud with phone...
Strategies to enhance secure customer onboarding
MORE WEBINARS

RECOMMENDED

FIND CONTENT BY TYPE

Cyber Security Hub COMMUNITY

ADVERTISE WITH US

Advertise Now

JOIN THE Cyber Security Hub COMMUNITY

Join CSHUB today and interact with a vibrant network of professionals, keeping up to date with the industry by accessing our wealth of articles, videos, live conferences and more.

Learn more
iqpc logo

Cyber Security Hub, a division of IQPC

© 2024 All rights reserved. Use of this site constitutes acceptance of our User Agreement, Privacy Policy and Cookies Settings.

Careers With IQPC| Contact Us | About Us | Cookie Policy