The Russia-linked cybercrime group known as Everest Ransomware has reportedly launched a major cyberattack against Japanese automobile manufacturer Nissan Motor Corporation, resulting in the theft of a substantial volume of sensitive data. Notably, this is the same ransomware group that was responsible for a significant data breach at electronics giant ASUS earlier in December 2025, during which nearly 1 terabyte of information was allegedly stolen.
Everest Ransomware, which has been active in the cybercriminal landscape for roughly two years, publicly announced on January 10, 2026, that it had successfully exfiltrated approximately 900GB of data from Nissan’s internal systems. The group further claimed that all the stolen information has since been released on the dark web, increasing the risk of misuse by other threat actors. A screenshot shared by the group as proof of the breach indicates that the compromised data includes sensitive details such as Nissan dealer names, physical addresses, contact information, employee records, and confidential dealership program documentation.
The scale and nature of the stolen data suggest that the breach could have far-reaching consequences for Nissan, its employees, and its dealer network. Exposure of internal business operations and personally identifiable information (PII) can lead to identity theft, phishing campaigns, financial fraud, and reputational damage. As with many ransomware incidents, the public disclosure of data indicates that negotiations—if any—between the attackers and the victim organization may have failed.
This incident adds to a growing list of cybersecurity challenges faced by Nissan in recent years. In mid-December 2025, reports emerged that data belonging to approximately 21,000 customers had been illegally accessed through Red Hat’s Content Management System (CMS), which the company uses to manage sales and inventory information. That breach reportedly created a gateway for hackers to access customer-related data, highlighting potential weaknesses in third-party platforms and supply chain security.
Even earlier, in November 2024, the Akira Ransomware group claimed responsibility for hacking Nissan’s databases in Australia and New Zealand. That attack allegedly resulted in the compromise of personal data belonging to more than 100,000 individuals, further underscoring the automaker’s repeated exposure to sophisticated cyber threats.
The recurring nature of these attacks reflects a broader trend in which large multinational corporations, particularly those in manufacturing and automotive sectors, have become prime targets for ransomware groups. As organizations continue to digitize operations and rely on interconnected systems, the potential attack surface expands, making robust cybersecurity measures more critical than ever.
While Nissan has yet to publicly confirm the full extent of the Everest breach, the incident serves as another reminder of the escalating risks posed by ransomware groups and the urgent need for stronger data protection strategies, employee awareness, and incident response planning.
Join our LinkedIn group Information Security Community!
