The carmaker was keen to point out that no payment information was compromised, but said the following might have been: customer name, address, vehicle make and model, vehicle identification number (VIN), credit score, loan amount and monthly payment.
The breach affects some customers that financed their vehicles through Nissan Canada Finance (NCF) and INFINITI Financial Services Canada, although the firm is still working out exactly how many are affected.
That said, it’s erring on the side of caution by informing all current and former customers and offering them 12 months of free credit monitoring services through TransUnion.
“We sincerely apologize to the customers whose personal information may have been illegally accessed and for any frustration or inconvenience that this may cause,” said Alain Ballu, president, Nissan Canada Finance. “We are focused on supporting our customers and ensuring the security of our systems.”
Nissan’s travails come at the end of another stand-out year for big-name data breaches.
The past 12 months has seen Yahoo admit a 2013 breach had tripled in size to affect all three billion users; Uber reveal it paid hackers to delete stolen data on 57m users; and Equifax allow hackers to make off with highly sensitive financial info on 145.5m Americans.
It apparently included key data belonging to partner Experian, an Equifax rival and one of the big three US consumer credit reporting agencies.