Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Nissan says hackers stole user IDs, hashed passwords

The company said that personal information and e-mail was not compromised

Nissan said it found malicious software on its network that stole employee user IDs and hashed passwords, but said no personal information or e-mails appeared to have been compromised.

The car company released a statement on April 20, one week after the intrusion was detected. Jeff Kuhlman, Nissan's head of global communications, said on Thursday that Nissan delayed disclosing the breach sooner in order to cleanse its network of the malicious software and prevent tipping off the hackers.

"We are working with security software specialists and making sure that all the doors are closed and that going forward we have the most secure system we can have," Kuhlman said.

Nissan said in a statement that the malware accessed a data store that held employee user account credentials. Kuhlman said the company is not sure what information the hackers were after.

"As a result of our swift and deliberate actions we believe that our systems are secure and that no customer, employee or program data has been compromised," according to the statement.

Nissan said it would "continue to vigilantly maintain our protection and detection systems and related countermeasures to keep ahead of emerging threats."

Storing hashed passwords rather than passwords in clear text is considered a good security practice. A hash is a cryptographic representation of a password, but the hash can be converted back to the original password using modest computing power and password cracking programs.

The shorter and less complicated the password, such as those without capital letters and numbers, the faster it can be decoded.

Send news tips and comments to jeremy_kirk@idg.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: etwork, Intrusion, Nissan
References show all
Comments are now closed.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • Software Defined Protection - The Enterprise Security Blueprint
    In a world with high-demanding IT infrastructures and networks, where perimeters are no longer well defined and where threats grow more intelligent every day, we need to define the right way to protect enterprises in the ever-changing threat landscape. Download today to define your security blueprint.
    Learn more »
  • Simple, Proven, Tranformative
    A cheat Sheet for Google Apps for Business
    Learn more »
  • Avoiding Common Pitfalls of Evaluating and Implementing DCIM Solutions
    While many who invest in Data Centre Infrastructure Management (DCIM) software benefit greatly, some do not. Research has revealed a number of pitfalls that end users should avoid when evaluating and implementing DCIM solutions. Choosing an inappropriate solution, relying on inadequate processes, and a lack of commitment / ownership / knowledge can each undermine a chosen toolset’s ability to deliver the value it was designed to provide. This paper describes these common pitfalls and provides practical guidance on how to avoid them.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Salary Calculator

Supplied by

View the full Peoplebank ICT Salary & Employment Index


Computerworld
ARN
Techworld
CMO