Everest Ransomware group claims 900GB data theft from Nissan

The Everest ransomware group claims a breach of Nissan Motor Co., Ltd. on January 10, 2026. The attackers claims they stole 900 GB of data from the Japanese automaker's internal systems.

The group published screenshots on their dark web leak site that show directory structures and internal records linked to the company's global operations.

The exposed data items include:

• Dealership names, addresses, and geographic locations
• Financial records and internal audit reports
• Certification reports and claims processing data
• System folders and internal data extracts

The nature of the attack and any affected individuals are not disclosed.

The stolen files include a variety of structured data formats used for internal reporting and analysis. Attackers shared views of folders containing ZIP archives, text files, and encrypted PGP documents. The directory structure suggests the group broke into systems handling dealership management and regional incentive programs. The hackers gave the company a five-day deadline to pay a ransom before they leak the full dataset online.

This incident follows several previous security failures at Nissan. In August 2025, the Qilin ransomware group claimed to steal 4 TB of data from a Nissan design subsidiary. A December 2023 breach also exposed the personal details of over 100,000 individuals in Australia and New Zealand. A 2021 incident saw Nissan's source code leak because of a misconfigured Git server using default admin credentials.

Nissan has not issued a public statement regarding this specific 900 GB claim. Security experts are monitoring the situation to see if the company will negotiate or if the data will appear on public forums.

Update - As of 1st of April 2026, the Everest ransomware group is attempting to pressure the company into paying a ransom by threatening to release stolen data. Nissan states its own systems and customer information were not compromised.