Share this article on:
Nissan’s Australian operation has revealed that the call centre it set up to respond to its data breach was compromised in a second hack.
They say lightning never strikes the same place twice, but Nissan Oceania may have a different view on that truism after revealing the latest twist in the tale of its December 2023 data breach.
Nissan revealed that around 100,000 of its customers and staff had been exposed in a data breach in March 2024, and as part of its response, it set up a dedicated call centre to handle customer inquiries.
Unfortunately, Nissan hired call centre specialist OracleCMS, which became the victim of a data breach a month later after being targeted by the LockBit ransomware gang.
“Regrettably, we became aware on 18 April that the external supplier we contracted to manage our dedicated cyber incident call centre, OracleCMS, was impacted by its own data breach that affected several of its clients, including Nissan,” Nissan Oceania said in a 21 May update on its incident page.
“Unfortunately, some Nissan customer, staff and other stakeholder information, which OracleCMS held on its systems to be able to answer incoming queries, was compromised during the incident.”
The data impacted in this second incident includes names, dates of birth, and contact details, as well as “a summary description of the information in the Nissan cyber incident notification letters”.
According to Nissan, “no identity documents, copies of documents or ID numbers were affected”.
“We understand this news will be especially disappointing given people have already had their personal information compromised,” Nissan said.
“We want to assure you that we are doing everything we can to protect and support every person who interacts with us and our suppliers.”
The initial Nissan Oceania breach saw various government ID documents compromised, including passports and Medicare card details. The Akira ransomware gang claimed responsibility for the hack.
Alongside Nissan Oceania’s outsourced call centre operations, the OracleCMS breach also saw data belonging to several Australian local councils published on the darknet, as well as subscriber details of a Queensland religious organisation, alongside a raft of other data.
The City of Sydney was one of the councils impacted by the breach, and a spokesperson for the council told Cyber Daily at the time that it was “working with OracleCMS to investigate an incident that impacted them and, if necessary, enhance the protection of our information held by them”.
OracleCMS’ latest update on its data breach – which is undated – said its response “continues to progress, with external experts guiding our investigation to ensure we have a comprehensive overview of all potentially impacted data”.
“This work is now at an advanced stage,” it said.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.