In January 2026, the Everest ransomware group announced it had exfiltrated approximately 900GB of data from Nissan's internal systems, compromising years of customer records from the Nissan and Infiniti dealer network across North America. The breach exposed over 4 million names, 4 million street addresses, 2.6 million phone numbers, 2 million email addresses, 17 million VINs, and sensitive auto loan data from Nissan Financial Services. If you have ever purchased, leased, financed, or serviced a Nissan or Infiniti vehicle, your personal information may be at risk. Here is what happened and exactly what you need to do to protect yourself.
What Happened
The Everest ransomware group targeted Nissan's GCSSD (Global Customer Service & Sales Data) FTP servers, which are operated by an IT contractor and serve the Nissan and Infiniti dealer network in North America. According to the attackers, the passwords on these servers had not been changed for at least three years, and multi-factor authentication was entirely absent -- a serious security failure for systems holding millions of customer records.
The attackers claimed to have extracted daily full database dumps spanning approximately six years of customer data. This means even if you purchased or serviced a Nissan or Infiniti vehicle years ago, your information may still be included. Nissan attributed the breach to its vendor, GCSSD, describing the issue as isolated to the contractor's systems.
In a separate incident, approximately 21,000 Nissan Fukuoka customers in Japan also had personal data exposed through a breach of a Red Hat GitLab instance, though this affected a different set of systems and customers.
What Information Was Exposed
The scope of data exposed in this breach is extensive. Based on the attackers' claims and reporting, the compromised data includes:
- 4.1 million full names
- 4 million street addresses
- 2.6 million phone numbers
- 2 million email addresses
- 17 million Vehicle Identification Numbers (VINs)
- Auto loan data from Nissan Financial Services (payment histories, loan amounts, account details)
- Repair orders and service history records
- Dealer employee data (names, roles, contact information)
- Wholesale invoices and internal business reports
Financial Data Exposure Increases Identity Theft Risk
The inclusion of auto loan data from Nissan Financial Services makes this breach particularly dangerous. Loan records can contain financial account numbers, payment histories, and personal details that criminals can use to commit financial fraud, open new accounts in your name, or craft highly convincing phishing attacks. If you financed a vehicle through Nissan, treat this as a financial data breach and take immediate action to protect your credit.
Immediate Steps to Take
1. Freeze Your Credit at All Three Bureaus
With financial data and detailed personal information exposed, a credit freeze is your first line of defense. A credit freeze prevents anyone from opening new accounts in your name until you lift it. Place a freeze at all three bureaus -- it is free and does not affect your credit score:
- Equifax: equifax.com/personal/credit-report-services/credit-freeze/
- Experian: experian.com/freeze/center.html
- TransUnion: transunion.com/credit-freeze
You can temporarily lift the freeze whenever you need to apply for credit, and refreeze immediately after.
2. Place a Fraud Alert
Contact any one of the three credit bureaus to place an initial fraud alert on your file. The bureau you contact is required to notify the other two. A fraud alert tells lenders and creditors to take extra steps to verify your identity before opening new accounts. An initial alert lasts one year and can be renewed.
3. Monitor Your Financial Accounts
Review your bank accounts, credit cards, and any Nissan Financial Services accounts for unauthorized activity. Set up real-time transaction alerts through your bank's app so you are notified immediately of any charges. Pay special attention to:
- Unfamiliar charges, even small ones (criminals often test accounts with small transactions first)
- New accounts you did not open
- Changes to your existing account details (address, phone number, email)
- Unexpected loan or credit inquiries on your credit report
Check your credit report for free at AnnualCreditReport.com -- you are entitled to free weekly reports from all three bureaus.
4. Change Your Passwords
If you have an account on NissanUSA.com, MyNissan, Nissan Financial Services, or any related Nissan or Infiniti portal, change your password immediately. Use a strong, unique password of at least 16 characters. If you used the same password on other accounts, change those too. Use a password manager to generate and store unique passwords for every service.
Enable two-factor authentication on every account that supports it, prioritizing email, banking, and financial accounts. Use an authenticator app rather than SMS-based verification when possible.
Quick Action Checklist
1. Freeze your credit at Equifax, Experian, and TransUnion
2. Place a fraud alert at one bureau (it propagates to all three)
3. Review bank and credit card statements for unauthorized charges
4. Change passwords on Nissan accounts and any accounts sharing the same password
5. Enable two-factor authentication on financial and email accounts
6. Check your credit report at AnnualCreditReport.com
7. Set up transaction alerts on all financial accounts
Ongoing Protection Steps
Breach data does not disappear after the initial incident. It circulates on the dark web, gets sold to other criminals, and resurfaces for months or even years. Ongoing vigilance is essential:
- Monitor your credit reports regularly. Check all three bureaus at least monthly for the next year. Look for new accounts, hard inquiries, or address changes you did not authorize.
- Watch your Nissan Financial Services account. If you have an active auto loan or lease, monitor it closely for unauthorized changes to payment methods, mailing addresses, or contact information.
- Set up dark web monitoring. Services that scan dark web forums and marketplaces can alert you if your personal information appears in new data dumps or is being sold.
- Review your insurance and registration records. With 17 million VINs exposed, criminals could potentially use vehicle information for insurance fraud, fraudulent registrations, or VIN cloning schemes.
Watch for Scams
After any major breach, scammers use the stolen data to launch targeted attacks. With the detailed information exposed in the Nissan breach, expect highly convincing phishing attempts:
- Fake Nissan or Infiniti emails claiming you need to "verify your account," "update your payment method," or "confirm your identity" after the breach
- Phone calls from fake "Nissan Financial Services" representatives requesting your account details, Social Security number, or payment information
- Fake breach settlement offers asking you to submit personal information to "claim compensation"
- Texts or emails referencing your actual vehicle (using stolen VIN data) to appear legitimate -- for example, fake recall notices or warranty extensions
- Loan or refinancing scams that reference your real loan details to trick you into redirecting payments
Remember: Nissan will never ask for your full Social Security number, passwords, or financial account details by email, text, or unsolicited phone call. If you receive a suspicious communication, do not click any links or provide any information. Instead, contact Nissan directly through the official number on their website.
Remove Your Data From Broker Sites
When breach data enters circulation, criminals cross-reference it with publicly available information on data broker and people search sites. Your name, address, phone number, and email from the Nissan breach can be matched with additional details from brokers -- family members, property records, employment history, and more -- creating a comprehensive profile that makes identity theft and targeted fraud far easier.
Removing your personal information from these sites significantly reduces what criminals can piece together, even after a breach. However, there are over 100 major data broker sites, each with its own opt-out process, and brokers frequently re-add your data after removal.
PrivacyOn automates this entire process. It continuously removes your personal information from over 100 data broker sites, provides dark web monitoring to alert you when your data appears in new exposures, and offers 24/7 monitoring to catch re-appearances. With family plans covering up to 5 people starting at just $8.33/month, PrivacyOn can help protect everyone in your household -- especially important when a breach this large may have exposed data for multiple family members who own or service Nissan and Infiniti vehicles.
Take Action Now
The Nissan breach is significant not just for its scale -- millions of records spanning six years -- but for the depth of data exposed. The combination of personal details, financial records, vehicle information, and service histories gives criminals multiple avenues for fraud. Do not wait for an official notification from Nissan to take action. Freeze your credit, change your passwords, monitor your accounts, and reduce your public data exposure. The sooner you act, the harder it becomes for criminals to use your stolen information against you.