iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
US motorcycle manufacturing giant Harley-Davidson has addressed claims that threat actors breached its network and exfiltrated the data of as many as 66,000 customers.
Last week, infamous threat actor 888 claimed to have accessed 66,700 rows of customer data after it was exposed as a result of a data breach.
According to a post on an infamous hacking forum, the data includes “first name, last name, full name, address, city, state, ZIP code, email address, mobile phone, home phone, email preference, SMS preference, VIN, vehicle make, vehicle model, vehicle year, sale date, warranty exp date, last service date and more.”
The threat actor, 888, also posted a sample of the data containing a number of lines pertaining to alleged Harley-Davidson customers. Cyber Daily was unable to verify if the data was legitimate.
Now, in a brief statement, Harley-Davidson has said that its investigations to date suggest there has been no impact.
“We have thoroughly investigated and have not found that the Motor Company has been impacted,” said Harley-Davidson.
“While we are continuing to investigate, we do not expect that conclusion to change in any way.”
A member of the Cyber N—--s threat group run by infamous leaker IntelBroker, 888 has claimed breaches of a number of major companies in the past, including Shell, Heineken, Accenture, Shopify and Microsoft ANZ.
However, 888’s reputation for authentic data leaks has come into question in the past after a number of the companies listed above confirmed that the data breaches were fake or exaggerated.
Accenture in June said that 888’s data leak claims were false, with only three affected rather than the 32,000 listed, while Shopify denied the hack ever happening.
Microsoft also confirmed that no sensitive data was compromised in its alleged data breach.
The rest of the Cyber N—--s threat group, however, has a better reputation.
Most recently, IntelBroker claimed a major supply chain attack on Cisco, stealing large amounts of data belonging to it and its customers.
Data allegedly includes “Github projects, Gitlab Projects, SonarQube projects, source code, hard-coded credentials, certificates, customer SRCs, Cisco confidential documents, Jira tickets, API tokens, AWS Private buckets, Cisco Technology SRCs, Docker Builds, Azure Storage buckets, Private & Public keys, SSL Certificates, Cisco Premium Products & More!”
IntelBroker listed a handful of companies that allegedly “had their production source codes taken”, including Vodafone Australia, National Australia Bank (NAB), Microsoft, Bank of America, AT&T, and more. Cyber Daily has not been able to verify these claims.
Be the first to hear the latest developments in the cyber industry.
