The attackers took credit for an intrusion that affected the Japanese auto giant’s Australian and New Zealand businesses.
Akira has listed Nissan Australia on its dark web blog, used to showcase its latest victims. An accompanying post suggests that the attackers exported 100GB of data from the company’s systems.
The cybercrooks claim that they managed to obtain documentation containing the personal details of the company’s employees, clients, and partners.
In early December, Nissan said the company was investigating the impact of a suspected cyberattack. Akira references Nissan’s statement in its note, saying it will release data that will “confirm” personal details were stolen from the company’s systems.
Nissan Oceania, a regional division of the Japanese automaker, covers various company activities, including marketing, sales, distribution, and services in Australia and New Zealand. The company said that it’s working with “relevant stakeholders” and its global incident response team to investigate the incident.
Dozens of attacks in the US and Canada
Akira, a ransomware group discovered in March 2023, takes its name from a Japanese cyberpunk manga. According to Ransomlooker, a Cybernews tool that monitors the dark web, Akira victimized 169 organizations in the US, Canada, and other countries.
The group follows a consistent modus operandi, demanding ransom payments ranging from $200,000 to $4 million. If these demands are not met, they resort to publishing compromised data online.
In July 2023, researchers at Avast, a cybersecurity firm, released a decryptor for the Akira ransomware used in several incidents. However, it only combats the Windows version of the ransomware. Akira also targets Linux-based systems with a specifically developed strain of malware.
More from Cybernews:
Subscribe to our newsletter