P2022-ND-021

Nissan Canada Finance

? On or about February 4, 2021, a perpetrator unlawfully accessed an Amazon Web Services (AWS) server on three separate instances using two different IP addresses.
? The perpetrator exploited a vulnerability on one of Organization?s AWS servers and, upon searching the compromised server, was able to obtain a single salesforce system ID.
? This ID was of limited scope and the perpetrator used it access the recent ?activity view? of interactions of that specific ID on February 6, 2021.

File Type: pdf
Categories: 2022
Tags: Unauthorized access