Cyber Incident Victim: Nissan
Date: Sep 2025
Location: Japan
Summary
A cybersecurity incident impacting Nissan stemmed from unauthorized access to a self-managed GitLab instance utilized by Red Hat Consulting, resulting in the theft of compressed data including example code, internal communications, and project specifications. The breach exposed personal information of approximately 21,000 customers affiliated with a regional sales division, comprising names, addresses, phone numbers, partial email addresses, and sales-related details, though financial data remained unaffected. The responsible threat actor, Crimson Collective, attempted extortion by alleging possession of infrastructure access data linked to Red Hat customers. Authorities were notified, affected individuals received notifications, and the company could not verify potential misuse of the compromised information.
Description
In late September 2025, unauthorized actors gained access to a self-managed GitLab instance operated by Red Hat Consulting, impacting Nissan as a downstream customer. The compromised system contained example code snippets, internal team communications, and project specifications. Threat actors associated with the Crimson Collective hacking group claimed responsibility for exfiltrating approximately 570 GB of compressed data from 28,000 private repositories during the breach. The attackers attempted to extort Red Hat by asserting that stolen materials included information enabling access to customer infrastructure environments. While Red Hat's systems were the primary target, Nissan subsequently confirmed that data related to its operations had been exposed through this incident. The breach remained undisclosed until Nissan's public acknowledgment nearly three months later in December 2025.

Nissan specifically identified that personal information belonging to 21,000 customers of its Fukuoka Sales division was compromised in the breach. Exposed data fields included full names, physical addresses, telephone numbers, partial email addresses, and sales-related transactional details. The automaker emphasized that no financial information or credit card data was accessed or stolen during the incident. Upon confirming its involvement, Nissan reported the breach to relevant authorities and initiated direct notifications to affected customers. The company could not verify whether threat actors had actively exploited the stolen customer data for secondary attacks following the initial compromise. No additional technical details regarding attack vectors, detection methods, or containment procedures were disclosed by either Nissan or Red Hat in the public statement.
