Thought Leadership
Following a server breach at its in-house design company Creative Box, Nissan admits to a data leak. Hackers from the Qilin ransomware gang are said to have gained access to extensive design data – four terabytes of material with 3D models, business reports and VR workflows, according to the company.
The Tokyo-based design office Creative Box, a wholly-owned Nissan subsidiary for experimental vehicle development, noticed the unauthorized access on August 16. As a result, Creative Box immediately blocked all server connections and called in the authorities. Nissan confirmed to BleepingComputer the security measures taken and the police report.
The design company acts as the Group’s internal “think tank” and works exclusively on Nissan projects for concept vehicles and experimental developments.
Blackmail gang posts evidence online
Four days later, Creative Box appeared on the Qilin Group‘s darknet platform. The cyber criminals claim to have gained access to all design projects. As leverage, they are threatening to publish them in full – which could provide competitors with strategic insights into future Nissan models.
To back up their claims, the attackers posted 16 screenshots online, apparently taken from the stolen data. The screenshots include 3D renderings of cars, Excel spreadsheets, text documents and images of vehicle interiors.
The Qilin ransomware gang carried out several high-profile attacks in 2025, for example against the pharmaceutical company Inotiv.
Group admits outflow of design data
Internal investigations have now confirmed the data theft, as Nissan announced. “A detailed investigation is still ongoing, but the loss of certain design information has been confirmed,” the company said. Further steps will be taken depending on the status of the investigation.
As Creative Box works exclusively for the parent company, the impact is limited to Nissan itself. According to the company, external clients, suppliers or private individuals are not affected.
