Nissan says hackers stole user IDs, hashed passwords
- 26 April, 2012 11:37
Nissan said it found malicious software on its network that stole employee user IDs and hashed passwords, but said no personal information or e-mails appeared to have been compromised.
The car company released a statement on April 20, one week after the intrusion was detected. Jeff Kuhlman, Nissan's head of global communications, said on Thursday that Nissan delayed disclosing the breach sooner in order to cleanse its network of the malicious software and prevent tipping off the hackers.
"We are working with security software specialists and making sure that all the doors are closed and that going forward we have the most secure system we can have," Kuhlman said.
Nissan said in a statement that the malware accessed a data store that held employee user account credentials. Kuhlman said the company is not sure what information the hackers were after.
"As a result of our swift and deliberate actions we believe that our systems are secure and that no customer, employee or program data has been compromised," according to the statement.
Nissan said it would "continue to vigilantly maintain our protection and detection systems and related countermeasures to keep ahead of emerging threats."
Storing hashed passwords rather than passwords in clear text is considered a good security practice. A hash is a cryptographic representation of a password, but the hash can be converted back to the original password using modest computing power and password cracking programs.
The shorter and less complicated the password, such as those without capital letters and numbers, the faster it can be decoded.
Send news tips and comments to firstname.lastname@example.org
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- OAIC releases privacy impact assessment guide for consultation
- Some Australian businesses 'unlikely' to be ready for Privacy Act changes: survey
- BYOA 'shadow IT' grows in the enterprise: Telsyte
- Cost of a Privacy Act breach could extend to ongoing audits: legal expert
- How Hunter Water is saving $50k a year in software licences
Trust issue looms large for tech companies capitalizing on personal data
5 women who've made it in IT
Five trends affecting legal CIOs
CIO Roundtable: The changing face of security
Bitcoin malware count soars as cryptocurrency value climbs
ERP Selection: Finding the Right Fit
Finding a needle in a hay stack is hard, but the task pales in comparison to finding a specific needle in a pile of needles. Selecting the ideal Enterprise Resource Planning (ERP) solution can feel just as daunting. ERP represents a serious investment for any organisation and is vital to future success. This report explores the strategies organisations are employing to find the right ERP fit that will give them the tools they need to thrive.
Ensuring Online Business in Asia-Pacific
In an increasingly connected world, your company’s online presence is often the first - and sometimes the only – way that your customers and clients engage with you. In this whitepaper, we look at how companies can leverage the right technology and service to deliver a secure network infrastructure - from internal communication and record-keeping to product design and financial management.
Case Study: Columbia Sportswear
With the agility and intelligence provided by their management tools, Columbia sportswear is transforming IT to be much more service oriented in fulfilling business requests and delivering resources as needed. It’s allowing IT to “never say no” with an infrastructure that can handle nearly any project that comes through the door.