News

Qilin ransomware claims 4TB theft from Nissan’s Creative Box

Nissan’s creative think tank, Creative Box Inc., has reportedly been hit by a ransomware attack that could expose years of design work and internal planning. The group claiming responsibility, Qilin, says it copied more than 400,000 files, totalling over 4 terabytes, and is threatening to publish the data if the company does not respond.

Creative Box is a specialised satellite design studio within Nissan’s global network. Established in 1987, it serves as a sandbox for emerging designers to develop bold concepts that often sit outside mainstream car design. Although much of its work is not publicly visible, the studio plays a significant role in shaping the brand’s future direction.

Qilin has listed Nissan Creative Box on its data leak site and claims the haul includes 3D design data, internal reports, photos, videos and other project documents. The group says it is holding off a full release for now, but warns that if Nissan ignores the incident, competitors could gain access to detailed information about ongoing and future projects.

Security researchers note that this type of theft targets intellectual property more than personal data. While personally identifiable information can be used for phishing or identity fraud, design files and engineering documentation can erode competitive advantage. One researcher compared the impact to stealing an invention from its inventor.

The attack comes amid a busy period for Qilin. The group has claimed close to 100 victims in recent weeks and, over the past year, is linked to hundreds of incidents across multiple sectors.

Nissan has not provided detailed public information about the incident at Creative Box. Key questions remain about the scope of the data, whether any of it has already been shared, and what measures are being taken to contain potential fallout.

What to watch next

  • Whether Nissan confirms the breach and outlines its response.

  • If any sample files appear online that verify the group’s claims.

  • How the incident affects current design programs and supplier relationships.

  • Whether the attack prompts wider security reviews across the automotive industry.

Photo Credit: DepositPhotos.com

Leave a Reply

Your email address will not be published. Required fields are marked *