Qilin Ransomware Gang Claims 4TB Data Breach at Nissan CBI

Qilin ransomware claims a 4TB data breach at Nissan CBI, leaking car design files, financial data, 3D models, and VR design images as proof.

The Qilin ransomware group says it has compromised Nissan’s Creative Box Inc. (CBI), a Tokyo-based design subsidiary of Nissan Motor Co., Ltd, and is threatening to release sensitive files unless its demands are met.

On its dark web leak site, the group claimed it had copied more than 4 terabytes of data, including 405882 files, from Nissan CBI. The post alleged that the stolen material includes 3D design data, reports, photos, videos, and various internal documents linked to Nissan automobile projects.

In its message, Qilin wrote: “The 4TB of data we copied includes 3D design data, reports, photos, videos and various documents of Nissan automobiles. While we have no intention of releasing all of this data yet, if Nissan refuses to acknowledge or ignore, it will. At that point, everyone, including competitors, will have access to detailed data of all Nissan CBI projects.”

Screenshot from the Qilin ransomware group’s dark web leak site. Images are blurred for product protection. (Image credit: Hackread.com)

****What the Leaked Images Show****

As proof of its claims, Qilin published four sample files. One shows 3D CAD-style renderings of a Nissan vehicle, with both low and high-polygon models labeled with triangle counts. This suggests the group accessed advanced design data used in prototyping and visualization.

Another file is a spreadsheet written in Japanese, which appears to contain financial or operational data, including figures, project timelines, and cost estimates. Highlighted sections and color-coded blocks indicate internal planning and budgeting work.

The third leaked file is a photorealistic render of a Nissan car interior, showing the dashboard, steering wheel, and seating design in high detail. The fourth leaked image shows staff using virtual reality headsets to review and manipulate 3D vehicle designs on-screen, highlighting how Nissan CBI integrates VR into its design workflow.

If authentic, this type of file could be valuable to competitors or counterfeiters seeking insight into Nissan’s design processes.

****Qilin Ransomware, A Serious Threat!****

Qilin, also known as Agenda, has been active since 2022 and is known for targeting high-profile organizations through a ransomware-as-a-service (SaaS) model. The group gained international attention after a 2024 attack on NHS supplier Synnovis in London, which disrupted thousands of medical appointments, procedures and also caused the death of a patient due to the cyberattack.

If Nissan CBI’s data is genuine, the exposure of proprietary vehicle designs and internal documents could create long-term competitive and reputational risks for the company. Automotive design files are often closely guarded trade secrets, and the threat of competitors gaining access to them adds another layer of pressure in such incidents.

Hackread.com has reached out to Nissan for comment regarding the claims made by Qilin. At the time of writing, no official statement has been released.