- Qilin adds Nissan Creative Box to its data leakage site
- Claims to have taken more than 4 TB of sensitive files
- It’s like stealing an invention of an inventor, says the researchers
Nissan Creative Box, the creative arm of the Japanese multinational car manufacturer, was recently beaten with a ransomware attack and lost many confidential data in the incident.
Given the nature of Creative Box’s work, stolen data could damage the company and supply its competitive blade, if nature is released, experts said.
The company is a specialized satellite design study that is part of the Nissan’s global design network. Established in 1987 as a creative sand box for emerging designers, where they can create bold concepts that generally move away from conventional car design, it is often described as Nissan’s “group of experts”, since it does not produce large volumes of visible work, but still retains a significant role within the network.
Design data, photos, videos
Now, Cybernews He informs that the company’s name was added to the Qilin data escape site, which suggests that it suffered a ransomware attack and data violation. The group claims to have stolen more than 400,000 files, for a total of more than 4TB.
“The 4TB of the data we copy includes 3D design data, reports, photos, videos and several documents of Nissan’s cars,” the group allegedly wrote in its place.
“While we have no intention of releasing all this data, if Nissan refuses to recognize or ignore, he will do it. At that time, all, including competitors, will have access to detailed data from all Nissan CBI projects,” he said.
While personal identification information (PII) in thousands of people is valuable for criminals interested in phishing, identity theft or wire fraud, this type of information can cause a different type of pain. For Sabeckis, information safety researcher at Cybernews, the attack is “similar to stealing an invention of the inventor.”
Qilin has been among the most active ransomware groups in 2025 so far, as in the last year, Cybernews He states that the group attacked almost 500 organizations, and 401 took place since January 2025.
