- Nissan is reimbursing some of its customers up to $2,500 each through a class-action suit, due to a 2017 data breach
- An anonymous hacker claimed to have accessed customer files, including vehicle and loan information
- The suit was settled rather than taken to court, and so the allegations weren’t ever proven
Nissan Canada will pay $1.82 million through two class-action lawsuits over allegations of damages from a data breach. The suits were on behalf of drivers who had an active loan or lease with Nissan between December 2016 and January 2017, with one suit covering Quebec and the other for the rest of Canada.
The parties decided to settle the lawsuit with a $1.82-million payout rather than fight it out. Nissan has not admitted to any of the allegations, and none of the allegations have been proven in court.
The case stems from an anonymous email that Nissan received from an unknown attacker, on or around December 11, 2017. The person claimed to have “information about Nissan customers,” including their names and addresses, the vehicle information including its VIN (vehicle information number), credit scores, and their loan amounts and monthly payments. Nissan said that payment card information and other personal banking details were not included in the breach.
At the time, Nissan said it didn’t know how many customers were affected by the issue, but contacted all of its “current and past customers,” approximately 1.3 million of them, who had financed vehicles through Nissan and Infiniti Canada’s services. The automaker offered all of them 12 months of free credit monitoring services through TransUnion. Nissan also said it was working with law enforcement, data security, and privacy regulators to investigate the issue. At the time, critics noted that Nissan waited ten days to announce that it had been the victim of a cyberattack.
The class-action suit is now closed to further claims and will go ahead with the negotiated settlement. Car owners or lessees could file either a documented or undocumented claim.
Those with documented claims, who were able to prove damages as a result of the breach – including receiving a letter from Nissan telling them about it – will be eligible for reimbursement of up to $2,500. Undocumented claimants without proof of damage will receive up to $35 “for reimbursement of lost time.” At the moment, there’s no word on exactly how many people will be getting a chunk of the settlement cash, whether it’s the larger amount or the $35 lost-time payment. It also doesn’t apply to anyone who owned a Nissan vehicle at the time but did not get a loan for it through the automaker’s financing division.
Sign up for our newsletter Blind-Spot Monitor and follow our social channels on X, Tiktok and LinkedIn to stay up to date on the latest automotive news, reviews, car culture, and vehicle shopping advice.