The company says user IDs and hashed passwords were stolen.
Nissan Motor Company recently acknowledged that it had detected a data-stealing virus on its network on April 13. "As a result of our swift and deliberate actions we believe that our systems are secure and that no customer, employee or program data has been compromised," company executive vice president Andy Palmer said in a statement. "However, we believe that user IDs and hashed passwords were transmitted."
"The company delayed revealing the intrusion because 'we were pulling the drawbridge up,' Nissan spokesman David Reuter told CIO Journal," writes CIO Journal's Clint Boulton. "'We didn’t want to let the world know that there was an intrusion and didn’t want them to attack it.' The company was not legally required to report the incident because no sensitive data about customers, employees or business operations was taken in the attack, Reuter said."
"Nissan did not say which employees had been targeted, what division they worked in or what the intruders may have been after," writes The New York Times' Nicole Perlroth. "The company tracked the intrusions back to an Internet protocol address, but said it did not give much indication of who was behind the attack."
"Cyber attacks against corporations and organizations have become increasingly common over the last few years," notes TG Daily's Shane McGlaun. "Many of the attacks have been traced back to China in the past. Nevertheless, Nissan emphasizes that it still isn't sure where the attack came from. Perhaps not unsurprisingly, the car manufacturer suspects hackers may have attempted to steal intellectual property pertaining to the company's hybrid and electric vehicle drivetrains."