Nissan says hackers stole user IDs, hashed passwords

The company said that personal information and e-mail was not compromised

Jeremy Kirk (IDG News Service)
26 April, 2012 11:37
Comments

Nissan said it found malicious software on its network that stole employee user IDs and hashed passwords, but said no personal information or e-mails appeared to have been compromised.

The car company released a statement on April 20, one week after the intrusion was detected. Jeff Kuhlman, Nissan's head of global communications, said on Thursday that Nissan delayed disclosing the breach sooner in order to cleanse its network of the malicious software and prevent tipping off the hackers.

"We are working with security software specialists and making sure that all the doors are closed and that going forward we have the most secure system we can have," Kuhlman said.

Nissan said in a statement that the malware accessed a data store that held employee user account credentials. Kuhlman said the company is not sure what information the hackers were after.

"As a result of our swift and deliberate actions we believe that our systems are secure and that no customer, employee or program data has been compromised," according to the statement.

Nissan said it would "continue to vigilantly maintain our protection and detection systems and related countermeasures to keep ahead of emerging threats."

Storing hashed passwords rather than passwords in clear text is considered a good security practice. A hash is a cryptographic representation of a password, but the hash can be converted back to the original password using modest computing power and password cracking programs.

The shorter and less complicated the password, such as those without capital letters and numbers, the faster it can be decoded.

Send news tips and comments to jeremy_kirk@idg.com

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email ARN
Follow ARN on twitter

More about: etwork, Intrusion, Nissan

References show all

Statement: Nissan is Taking Actions to Protect and Inform Employees and Customers Following an Intrusion into the Company's Global Network Systems - Nissan Online Newsroom

Comments are now closed.

Share
Share this article1
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Whitepapers

Smart Cloud Provisioning: Low Cost and highly Scalable Entry Point into Cloud Computing

While many organisations need the flexibility, security and control that a private cloud offers, they don’t want the complexity and expenses that come with many cloud implementations. This whitepaper looks into how IBM SmartCloud Provisioning can provide a low-cost, highly scalable entry point into cloud computing that enables organisations to increase business agility and optimise virtualisation.

Most Commented

ARN Distributor Directory

Find distributors by name | vendor | location

Channel Deals

Transition Systems Australia

Polycom

More details »

ARN Vendor Directory

Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Latest Jobs