Qilin Group announced that it had stolen more than 4TB of internal materials from Creative Box, the Tokyo-based studio responsible for Nissan’s concept and design work, putting the automaker’s future plans at risk.
According to the cybercriminals, the stolen archive contains 405,882 files, including 3D models, reports, photos and videos. The hackers have already released several samples, including car mockups and internal documents, and have threatened to leak the rest if Nissan does not admit the attack or refuse to cooperate. Creative Box, which was opened in 1987, is a subsidiary of Nissan and is known as the brand’s “design lab.”
This is not the first time Nissan has fallen victim to cybercriminals. In 2024, hackers attacked units in North America and Australia, stealing data from thousands of employees and customers. Back in 2022, a leak from a third-party service provider exposed customer information in various countries. Qilin has claimed 483 victims in the past 12 months, including hospitals, energy and manufacturing companies.
The Creative Box incident highlights the growing threat to the automotive industry, where the leak of even internal prototypes can have strategic implications.
Qilin continues to operate actively under the “ransomware-as-a-service” model, combining data encryption with subsequent blackmail for their publication.
