Home > Security > Security News

Everest Group Claims Massive Nissan Data Breach, Over 100,000 PayPal Credentials Leaked

Published
Written by:
Lore Apostol
Lore Apostol
Cybersecurity Writer
One unlocked padlock among locked padlocks
Summarize with:
ChatGPT logo ChatGPT Claude.ai logo Claude.ai Google AI logo Google AI Grok logo Grok Perplexity logo Perplexity
Google logo Add as preferred source on Google
Key Takeaways
  • Threat Actor Claim: The Everest hacking group has claimed responsibility for a cyberattack against Nissan Motor Co., Ltd.
  • Data Exfiltration Allegations: The group alleges it has exfiltrated 900 GB of sensitive data from the automotive manufacturer's systems.
  • PayPal Allegations: Meanwhile, a hacking forum post shared an alleged PayPal combolist containing over 100,000 lines.

The Everest hacking group has publicly claimed it has breached Nissan Motor Co., Ltd.'s network. In a statement observed on January 10, 2026, the threat actors asserted they successfully exfiltrated a substantial volume of data, estimated at 900 GB. Around the same time, a cybercriminal claimed on a hacking forum that they leaked over 100,000 PayPal email and password combinations.

Nissan Data Breach

Everest has reportedly provided samples of the stolen data to substantiate their claims, which are currently pending verification. The post said the dataset contains TXT, XLS, and CSV files, as well as ZIP archives.

Everest claims the breach of Nissan systems | Source: HackManac on X
Everest claims the breach of Nissan systems | Source: HackManac on X

The Nissan claim comes shortly after the carmaker disclosed a separate data breach in December 2025. In that incident, a server managed by a third-party vendor, Red Hat, was compromised, exposing personal customer information but no financial details. 

Separately, the carmaker may have been affected by the recent cyberattack on Yazaki Group, a major automotive supplier, for which INC Ransom claimed responsibility. However, it is yet unknown whether the threat actor's claim is related to the confirmed breach. 

2026 PayPal Breach Allegations

On January 11, a threat actor using the alias Lud leaked a combolist containing 104,472 lines that reportedly concern PayPal customer credentials from an alleged breach dating back to December 2025.

Lud claims to have leaked PayPal credentials | HackManac on X
Lud claims to have leaked PayPal credentials | HackManac on X

While this claim is pending verification, TechNadu reported last month that the PayPal subscription feature was being abused in a sophisticated phishing campaign that sent emails from legitimate PayPal addresses, bypassing standard spam filters.

In August 2025, a hacker announced on a dark web forum the sale of a dataset reportedly containing 15.8 million PayPal user accounts with their plaintext passwords.

Add a Comment
Related
Healthcare industry, a target for cyberattackers
University of Hawaii (UH) Cancer Center Ransomware Attack Exposes Patients’ Social Security Numbers
California Privacy Protection Agency Enforces Ban on Datamasters Health Data Reselling, Enforces $45,000 Fine
instagram_icons
Instagram Denies Data Breach After Password Reset Emails, 6.2M Accounts Added to HIBP
School - Government - Network
From Breaches to Governance: A Week in Cyber Accountability Across Schools and States
Aisuru and Kimwolf Botnets Operational Mechanics: Uncovering the Beneficiaries
Snapchat Logo On Iphone Screen
Illinois Man Charged for Snapchat Social Engineering Scheme Exposing Intimate Images of Hundreds of Women
Most Popular
Healthcare industry, a target for cyberattackers
University of Hawaii (UH) Cancer Center Ransomware Attack Exposes Patients’ Social Security Numbers
California Privacy Protection Agency Enforces Ban on Datamasters Health Data Reselling, Enforces $45,000 Fine
instagram_icons
Instagram Denies Data Breach After Password Reset Emails, 6.2M Accounts Added to HIBP
School - Government - Network
From Breaches to Governance: A Week in Cyber Accountability Across Schools and States
Kentucky Mobile ID Rollout and Digital Identity Shift
Kentucky Launches Mobile ID App as State Expands Digital Identity and Age Verification Efforts
Aisuru and Kimwolf Botnets Operational Mechanics: Uncovering the Beneficiaries
University of Hawaii (UH) Cancer Center Ransomware Attack Exposes Patients’ Social Security Numbers
California Privacy Protection Agency Enforces Ban on Datamasters Health Data Reselling, Enforces $45,000 Fine
Instagram Denies Data Breach After Password Reset Emails, 6.2M Accounts Added to HIBP
From Breaches to Governance: A Week in Cyber Accountability Across Schools and States
Kentucky Launches Mobile ID App as State Expands Digital Identity and Age Verification Efforts
Aisuru and Kimwolf Botnets Operational Mechanics: Uncovering the Beneficiaries

Most Popular
Healthcare industry, a target for cyberattackers
University of Hawaii (UH) Cancer Center Ransomware Attack Exposes Patients’ Social Security Numbers
California Privacy Protection Agency Enforces Ban on Datamasters Health Data Reselling, Enforces $45,000 Fine
instagram_icons
Instagram Denies Data Breach After Password Reset Emails, 6.2M Accounts Added to HIBP
School - Government - Network
From Breaches to Governance: A Week in Cyber Accountability Across Schools and States
Kentucky Mobile ID Rollout and Digital Identity Shift
Kentucky Launches Mobile ID App as State Expands Digital Identity and Age Verification Efforts
Aisuru and Kimwolf Botnets Operational Mechanics: Uncovering the Beneficiaries
University of Hawaii (UH) Cancer Center Ransomware Attack Exposes Patients’ Social Security Numbers
California Privacy Protection Agency Enforces Ban on Datamasters Health Data Reselling, Enforces $45,000 Fine
Instagram Denies Data Breach After Password Reset Emails, 6.2M Accounts Added to HIBP
From Breaches to Governance: A Week in Cyber Accountability Across Schools and States
Kentucky Launches Mobile ID App as State Expands Digital Identity and Age Verification Efforts
Aisuru and Kimwolf Botnets Operational Mechanics: Uncovering the Beneficiaries

TechNadu keeps you informed with the latest in cybersecurity, VPNs, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2026 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: