23/69 Wednesday, January 14, 2026
The Everest ransomware group has claimed that it breached the systems of Nissan Motor Corporation and exfiltrated approximately 900 GB of internal data. According to the attackers, the stolen data includes internal documents and screenshots from various corporate systems. The group published these claims on its dark web leak site on January 10, 2026, accompanied by six screenshots and a directory structure showing compressed archives, text documents, spreadsheets, and CSV files.
Based on the released images, the files and folders allegedly belonging to Nissan appear to be well organized, reflecting structured internal data storage. The exposed materials reportedly include reports, summaries, and dealer-related documentation, with file extensions such as .csv, .txt, .pgp, and .xls, suggesting structured datasets used for reporting, analysis, or internal communication. Some filenames reference specific projects, dealer information, certification reports, and claims-handling processes. In addition, spreadsheets listing dealer names, addresses, and cities were observed, potentially related to regional operations or promotional programs. Although the published samples do not visibly contain highly sensitive personal data, the folder names and file types indicate that the attackers may have accessed operational systems and internal documentation that could be leveraged to understand Nissan’s internal structure or facilitate access to more sensitive information.
The Everest group has reportedly given Nissan a five-day deadline to make contact or take action, threatening to publicly release the alleged stolen data if no response is received. Nissan has previously faced similar cybersecurity incidents. In August 2025, the Qilin ransomware group claimed to have stolen 4 TB of data from a Nissan design subsidiary. In March 2024, Nissan confirmed a data breach affecting more than 100,000 employees and customers in Australia and New Zealand. Earlier, in 2021, Nissan source code was leaked due to a misconfigured Git server. As of now, Nissan has not issued an official statement regarding Everest’s claims, and it remains to be seen whether the data will be released or how the incident will be handled. The Everest ransomware group has a history of claiming attacks against large enterprises and continues to apply pressure on major corporations, underscoring the ongoing challenges of cybersecurity defense and incident response at scale.
Source https://hackread.com/everest-ransomware-nissan-data-breach/
