breach
JapanSecurity Affairs
JapanSecurity AffairsRed Hat GitLab breach exposes data of 21,000 Nissan customers
Tuesday, December 23, 2025
What
Hackers breached a self-managed GitLab instance used by Red Hat Consulting, leading to the theft of sensitive data from 21,000 Nissan customers. The compromised data included names, addresses, phone numbers, and partial email addresses, although no financial data was reported as affected. This incident highlights vulnerabilities in third-party service management and the potential risks associated with data handling in supply chains.
Where
Nissan Fukuoka Sales, Japan; Red Hat, USA
When
The breach was reported on October 3, 2025, with the hackers claiming access as early as September 24, 2025.
Key Factors
- •Unauthorized access to a self-managed GitLab instance
- •Data included personal customer information but no financial details
- •Threat actors claimed to have gained access to client infrastructure
Takeaways
- →Organizations must enhance security measures for third-party services to prevent similar breaches.
- →Regular audits and monitoring of subcontractors are essential to safeguard sensitive customer data.
- →Immediate notification to affected customers is crucial for transparency and trust.
Read Full Article
Opens original article on Security Affairs
