The NSW Government are aware of the OracleCMS data breach, where individuals' personal information that was initially compromised during the Nissan Australia and New Zealand cyber incident, was published on the dark web.
OracleCMS, the vendor who stood up the call centre for the Nissan breach, was provided with summary information about affected customers, to help answer questions from people who received a breach notification letter.
OracleCMS subsequently suffered a data breach, which it was alerted to on 15 April 2024.
This separate incident resulted in certain data, which was held by OracleCMS, including the summary information Nissan provided to OracleCMS, being compromised and published on the dark web.
This means that, for individuals affected by both the Nissan breach and subsequent OracleCMS breach:
their personal information was unlawfully accessed from Nissan’s IT servers on 5 December 2023;
and
- a summary description of the personal information that was compromised in the December incident was also published on the dark web as a result of the OracleCMS data breach.
Nissan Australia and New Zealand is providing notifications with details of information affected directly to affected individuals who have been identified as requiring notification and where Nissan holds current contact information for those individuals. Wherever possible, individuals will be provided with a direct notification.
For specific inquiries about this incident, please contact Nissan's dedicated support line:
- Australia 1800 958 000
- New Zealand 0800 44 50 14
The contact centre operates between 7:00am – 7:00pm AEST weekdays (excluding public holidays)