Qilin Ransomware Group Claims Breach of Nissan Creative Box
Published on August 22, 2025
- Nissan breach: A post on the Qilin Ransomware leak site claims a branch of the Nissan design network was breached.
- What was exposed: The reportedly stolen files include 3D designs, engineering reports, video content, and more.
- Qilin threats: The ransomware actor’s pressure tactics involved threats to release the allegedly exfiltrated files to competitors.
The Qilin ransomware group has claimed responsibility for a cyberattack targeting Nissan Creative Box, the automotive manufacturer's design and development division, allegedly exfiltrating approximately 4 TB of sensitive corporate data containing critical intellectual property and proprietary automotive development materials.
Data Exfiltration
According to the Qilin ransomware group's public disclosure, the Nissan Creative Box breach resulted in the unauthorized access and theft of highly sensitive automotive development data.
The compromised information reportedly includes over 400,000 files containing:
- comprehensive 3D design files,
- detailed engineering reports,
- photographic documentation,
- video content,
- extensive documentation related to ongoing and future Nissan automotive projects.
This alleged automotive data breach would pose a significant threat to Nissan's competitive positioning within the global automotive market.
The purportedly stolen materials potentially contain proprietary design specifications, manufacturing processes, and strategic development roadmaps that could provide substantial competitive advantages to unauthorized parties.
Threat Actor Issues Ultimatum
The cybercriminal organization has issued a warning to Nissan's executive leadership, stating that failure to acknowledge their demands will result in the complete public release of all exfiltrated data.
Qilin also warned that ignoring their communication would result in the compromised data becoming accessible to automotive competitors and other interested parties, HackManac reported today. This tactic represents a calculated approach to maximize pressure on the targeted organization while threatening substantial reputational and competitive damage.
Industry Implications and Response
The incident highlights ongoing cybersecurity vulnerabilities within automotive manufacturing environments, where proprietary design data represents critical business assets. Nissan has not issued a statement regarding the alleged breach or commented on Qilin's claims.
Automotive companies are increasingly facing sophisticated ransomware operations that target intellectual property and development materials essential to maintaining their competitive market positions.
Qilin recently accused Formacompany & Co. of money laundering and claimed to leak the real names of owners following a purportedly ethical attack. Last year, Qilin’s ‘political protest’ cyberattack on the NHS led to one patient's death.
This month, an unnamed carmaker’s web portal exposed a remote car unlocking vulnerability and access to 1,000 dealerships, and Volkswagen’s Connected Car app flaws allowed brute force attacks and exposed owner details in May.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular