TL;DR: On January 10, 2026, the Everest ransomware gang posted Nissan Motor Corporation to their leak site, claiming they stole 900GB of internal data. Screenshots show dealer names, addresses, program documentation, and internal file structures. Nissan hasn't confirmed the breach. This is the same group that just dumped 72 million Under Armour customer records. Nissan has been hit by four separate cyberattacks since late 2023.
Another Day, Another Nissan Breach
The Everest ransomware group announced on January 10, 2026, that they had successfully breached Nissan Motor Corporation and stolen approximately 900GB of internal data. They posted six screenshots to their dark web leak site as proof, showing file directories, spreadsheets, and internal documents.[1][2][3]
The screenshots reveal what looks like legitimate internal file storage: ZIP archives, text files, Excel spreadsheets, and CSV files organized by dealership programs, certification reports, and claims processing. One spreadsheet contains dealer names, physical addresses, and contact information.[2][4]
Everest gave Nissan five days to respond before releasing the data publicly. That deadline has passed.[1][3]
Nissan hasn't publicly confirmed or denied the breach. Their silence speaks volumes.
What's in the Alleged Breach
Based on screenshots and file directories shared by Everest, the stolen data reportedly includes:[2][4][5]
- Dealer information: Names, addresses, contact details for Nissan dealerships
- Employee records: Internal personnel data
- Program documentation: Dealership programs, certification reports
- Claims processing data: Internal business operations
- Financial records: Audit reports and financial documents
- Manufacturing designs: Proprietary production information (unverified)
File formats in the leak include .csv, .txt, .pgp, and .xls, structured data pulled from various internal systems. The folder names suggest access to operational systems, even if the visible screenshots don't show customer SSNs or payment data.[2][4]
Everest claims all 900GB has been released on the dark web, which means other threat actors can now use it for secondary attacks.[5]
Nissan's Growing Breach Problem
This isn't a one-off. Nissan has been breached repeatedly:
- December 2025: Hackers stole personal data of 21,000 customers through Red Hat CMS, Nissan's sales management system[2][6]
- August 2025: The Qilin ransomware group claimed 4TB of data from Nissan CBI, a Tokyo design subsidiary[2][6]
- March 2024: Nissan confirmed hackers stole data on 100,000+ employees and customers in Australia/New Zealand (incident occurred December 2023)[6][7]
- 2024: A separate attack on Nissan North America exposed 53,000 employee records[6]
Four major breaches in roughly two years. At what point does a pattern become negligence?
Who Is Everest?
Everest is a Russian-linked ransomware operation that emerged in July 2021. They've been extremely active.[2][5]
According to Cybernews' Ransomlooker tool, Everest has claimed 330 victims since 2023. Recent targets include:[2][5][8]
- ASUS (December 2025, ~1TB allegedly stolen)
- Under Armour (November 2025, 72 million customer records)
- Chrysler
- Iberia Airlines
- Petrobras
- Dublin Airport
- AT&T
Everest was one of the most active ransomware groups in 2025, and they're keeping that momentum in 2026. Their playbook: breach, steal, post countdown timers, wait for payment. When companies don't pay, they dump everything.
This is the same group that just leaked 72 million Under Armour customer records after the company refused to negotiate.[8]
What This Means
If you're a Nissan dealer, employee, or customer in the US, Japan, or elsewhere, your data may be compromised. Again.
The screenshots don't show customer SSNs or payment card data, but that doesn't mean it's not in the 900GB dump. The visible files suggest access to deep operational systems. That's enough for identity theft, business email compromise, and targeted phishing attacks.
Dealers should be especially concerned. Their business addresses, contacts, and program details are now potentially in criminal hands. Expect targeted attacks impersonating Nissan corporate.
What You Should Do
Nissan Employees
Assume your work email and personal details have been exposed. Watch for phishing emails referencing internal programs or payroll. Don't click links in unexpected "HR" or "IT" messages.
Nissan Dealers
Your business information may be in the leak. Verify any unusual requests from "Nissan corporate" through known phone numbers, not contact info provided in emails.
Nissan Customers
If you've bought or serviced a vehicle at a Nissan dealer, your data may be exposed. Enable 2FA on accounts, watch for targeted phishing, and consider a credit freeze if you've shared financial info.
Everyone
Don't trust emails about "Nissan recalls," "warranty updates," or "dealer promotions" right now. Verify through official channels before clicking anything.
The Automotive Industry Has a Cybersecurity Problem
Nissan isn't alone. Automakers collect massive amounts of data (vehicle telemetry, customer finances, dealer networks, manufacturing IP) and they've consistently failed to protect it.
Modern cars are rolling surveillance platforms. Every connected vehicle generates data about where you go, how you drive, and who services your car. That data ends up in corporate systems that apparently can't stay secured.
Nissan's four breaches in two years should concern anyone who owns one of their vehicles. The company clearly hasn't fixed whatever allows attackers to keep getting in.
References
- Hackread - Everest Ransomware Claims Breach at Nissan, Says 900GB of Data Stolen
- Cybernews - 900GB of Nissan's internal data stolen, hackers claim
- SC Media - Everest ransomware group claims Nissan breach, demands response
- Breach Spot - Everest Ransomware Alleges Data Breach at Nissan
- Cybersecurity Insiders - Everest Ransomware Targets Nissan Following ASUS Data Breach
- CyberPress - Everest Cybercrime Group Alleges Successful Breach of Nissan Motors
- Cybersecurity News - Everest Hacking Group Allegedly Claims Breach of Nissan Motors
- Malwarebytes - Under Armour ransomware breach: data of 72 million customers