๐Ÿ”’breach.co.nz ยท the NZ & Australia breach register ๐Ÿ›ก๏ธ A Govern service
Register โ€บ ๐Ÿ‡ฆ๐Ÿ‡บ AU โ€บ Other

Nissan Oceania

๐Ÿ‡ฆ๐Ÿ‡บ Australia & New Zealand ยท Nissan Motor Corporation / Nissan Financial Services (Oceania) ยท Record AU-2023-0301
โ—‹ Reported โ€” awaiting official confirmation
Reported โ€” awaiting official confirmation. The facts below are drawn from the organisation's own disclosure and credible reporting. Figures are as reported; unknowns are labelled, not estimated by us.
People affected
100,000 (approx)
Breach date
2023-12
Regulator
OAIC; ID Support NSW
Trust tier
B ยท Reported

Data exposed

Government identification (some Medicare, licence, passport numbers), and other personal information Media-reported

Confidence: Confirmed = regulator/court ยท Company-confirmed = the organisation's own disclosure ยท Media-reported = press. Figures without an official source are labelled, not estimated.

What happened

In December 2023 Nissan Oceania was hit by a cyber attack that exposed the personal information of around 100,000 people across Australia and New Zealand, including โ€” for some โ€” government identification such as Medicare, licence and passport numbers [nswgov-nissan] [securityweek-nissan]. Nissan disclosed the breach and began notifying affected individuals in March 2024.

Timeline

  • 2023-12 โ€” Cyber attack on Nissan Oceania systems [securityweek-nissan].
  • 2024-03 โ€” Public disclosure; ~100,000 people notified across AU & NZ [nswgov-nissan].

Current status

Resolved; affected individuals notified with identity-protection guidance. Figures are as reported. [nswgov-nissan]

Why it matters

A trans-Tasman breach exposing government identity documents โ€” the category of data that carries the highest downstream fraud risk.