Qilin ransomware hit Nissan’s Creative Box studio, stealing 4TB of data including vehicle designs, financial records, and VR tech. The breach threatens Nissan’s IP and global operations.
US-based pharmaceutical research organisation Inotiv has confirmed a significant ransomware attack by the Qilin group, disrupting operations and leading to the encryption of critical systems. The attack has impacted business continuity, with the data breach still under investigation.
Australian internet provider iiNet confirms major data breach affecting 280,000+ customers after hackers used stolen employee credentials to access order management system. TPG CEO apologises "unreservedly" as investigation continues.
Qilin ransomware hit Nissan’s Creative Box studio, stealing 4TB of data including vehicle designs, financial records, and VR tech. The breach threatens Nissan’s IP and global operations.
Cyber News Centre's cyber update for 22nd August 2025: Nissan's Creative Box Inc. (CBI), a key design subsidiary in Tokyo, has been targeted by the Qilin ransomware group, which claims to have stolen four terabytes of sensitive data, including proprietary vehicle designs and confidential internal documents.
Nissan Creative Box Inc. (CBI) is a Tokyo-based design studio and subsidiary of Nissan Motor Co., Ltd. Located in Harajuku, the studio was founded by Shozo Sato and serves as a key innovation hub for Nissan’s global design work. It focuses on concept and production vehicle development, using advanced tools like virtual reality and 3D modelling to shape future models.
The Update: On August 20, 2025, Nissan’s Tokyo design studio, Creative Box Inc. (CBI), was attacked by the Qilin ransomware group. The breach was detected on August 21 and involved the exfiltration of around 4TB of data, including 405,882 files. These files contain 3D vehicle designs, financial reports, internal documents, and virtual reality design workflows.
Qilin has released sample files as proof, such as CAD models of Nissan vehicles, internal financial spreadsheets in Japanese, photorealistic interior renders, and images of staff using VR headsets. The group is using a double extortion tactic, threatening to publish all stolen data unless Nissan responds.
The attack has been confirmed by multiple cybersecurity sources, including FalconFeeds.io, Hackmanac, Dark Web Informer, and ransomware tracking site Ransomware.live.
Why It Matters: The theft of sensitive design data puts Nissan’s future vehicle innovations at risk. Competitors could gain access to unreleased models and technology, potentially undermining Nissan’s market position globally and in Australia.
Nissan has a strong presence in Australia, including the Nissan Casting Australia Plant in Victoria and a 3% share of the local automotive market. A loss of design integrity could impact consumer trust and future product differentiation. This incident highlights the vulnerability of creative and technical assets in the automotive sector. As cybercriminals shift from encryption to data theft, protecting intellectual property in digital design environments is now a critical security priority.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
US-based pharmaceutical research organisation Inotiv has confirmed a significant ransomware attack by the Qilin group, disrupting operations and leading to the encryption of critical systems. The attack has impacted business continuity, with the data breach still under investigation.
Australian internet provider iiNet confirms major data breach affecting 280,000+ customers after hackers used stolen employee credentials to access order management system. TPG CEO apologises "unreservedly" as investigation continues.
HR giant Workday confirms data breach affecting 70+ million users worldwide after hackers infiltrated third-party CRM platform via social engineering. Attack part of broader ShinyHunters campaign targeting major corporations through Salesforce systems.
British telecom giant Colt Technology Services confirms WarLock ransomware attack affecting global operations across 40 countries. Hackers demand $200,000 for stolen data including employee salaries and customer information.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
