iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Major US car manufacturer General Motors (GM) has revealed that it detected suspicious activity affecting a number of customer accounts.
According to media reports, GM discovered the activity on 24 May 2024, and the incident occurred just under a week earlier on 18 May.
The incident is believed to be a credential stuffing attack targeting the GM accessories website. The company said that an unauthorised party attempted to access 65 GM accounts to purchase products such as pens, jewellery, backpacks and other accessories.
Based on investigations to date, GM believes that an unrelated data leak provided the threat actor with a list of login credentials, which were used for the attack.
Alongside with the potential ability to make purchases on the affected accounts, GM said the threat actor could have also accessed data such as first and last names, phone numbers, personal addresses and partial card information such as the last four digits of a credit card. However, GM said that social security numbers, driver’s license data and dates of birth were not accessible.
At this stage, there is no evidence that any of this data has been misused by the threat actors.
It is also not known how much the threat actors purchased, but as seen by CyberNews, products range from $4 to almost $4,000. GM said it had refunded any unauthorised payments made on the affected accounts.
The threat actor is unknown, as well as the source of the credentials used in the credential stuffing attack.
The GM incident comes just a month after car dealerships across the US had their operations brought to a standstill following a cyber attack on CDK Global.
The company provides software for car dealership operations, such as CRM, payroll, support and service, inventory, financing, sales and more. General Motors dealerships and Group 1 Automotive are just two of its customers.
CDK Global announced on 19 June that it had detected a cyber attack on its systems.
“We are currently experiencing a cyber incident. Out of caution and concern for our customers, we have shut down a majority of our systems,” CDK spokesperson Lisa Finney said in a statement seen by media.
“We are currently assessing the overall impact and currently have no ETA.”
“We are continuing to conduct extensive tests on all other applications, and we will provide updates as we bring those applications back online.”
As of earlier this month, not all impacted dealers have had operations completely restored. There were also rumours of a ransom note, but the nature of the incident has not been confirmed by CDK Global.
Be the first to hear the latest developments in the cyber industry.
