The Qilin ransomware gang has claimed a breach at Nissan Creative Box Inc. (CBI), the Tokyo-based design subsidiary of Nissan Motor Co., saying it copied more than 4 terabytes of data and is threatening to release the material unless its demands are met. Nissan has not publicly confirmed the incident as of this writing.
The group said it extracted 4TB of data from Nissan CBI, including 405,882 files comprising 3D design data, reports, photos, videos and internal documents tied to Nissan automobile projects. In its messaging, Qilin warned that if Nissan refuses to acknowledge the breach, or ignores the demand, the data could become accessible to competitors and others.
As evidence, Qilin published four sample files. One showed 3D CAD-style renderings of a Nissan vehicle with low- and high-polygon models. A second file appeared to be a Japanese spreadsheet containing financial or operational data, with highlighted sections and color-coded blocks. A third file depicted a photorealistic render of a Nissan car interior, including the dashboard and seating. The fourth sample displayed staff using virtual reality headsets to review and manipulate 3D designs, illustrating how Nissan CBI incorporates VR into its design workflow.
Qilin, also known as Agenda, has operated since 2022 using a ransomware-as-a-service model and has drawn attention for high-profile targets. The group has been linked to broader campaigns in the past, including a 2024 incident involving a supplier to the UK’s National Health Service, according to industry coverage. If the Nissan CBI materials are authentic, experts say the leak could pose long-term competitive and reputational risks for Nissan, as proprietary design files are typically tightly guarded trade secrets.
Nissan CBI has not issued an official statement on the breach as of this report.
Security analysts cautioned that everything remains unverified until independent forensic review confirms the breach and the scope of stolen data. In the meantime, the incident underscores ongoing concerns about ransomware groups targeting automotive design teams and the potential impact on product development timelines.