Nissan Canada Finance waits 10 days to inform 1.13 million customers of data breach

Nissan Canada Finance was breached, and the personal information of 1.13 million customers in Canada may have been leaked, possibly including customer name, address, vehicle make and model, vehicle identification number (VIN), credit score, loan amount and monthly payment, reads a company statement released on Thursday.

The automaker waited 10 days before announcing it had fallen victim to a cyberattack. On Dec. 11, it detected the breach that “may have involved unauthorized person(s) gaining access to the personal information of some customers that have financed their vehicles through Nissan Canada Finance and INFINITI Financial Services Canada.”

For now, the company is investigating the breach and has reached out for help to Canadian privacy regulators, law enforcement and specialists in data security. An exact number of affected customers has not been released, but all customers are being contacted as a precaution. It is believed customers outside of Canada were not affected. Nissan Canada Finance assures customers that neither payment card information nor other personal banking details were leaked.

“We sincerely apologize to the customers whose personal information may have been illegally accessed and for any frustration or inconvenience that this may cause,” said company president Alain Ballu. “We are focused on supporting our customers and ensuring the security of our systems.”

As hackers may attempt to exploit the stolen information for illicit purposes, Nissan Canada Finance said affected customers will receive free credit monitoring for one year through TransUnion.

This is a Security Bloggers Network syndicated blog post authored by Luana Pascu. Read the original post at: HOTforSecurity