You have 0 free articles left this month.
Register for a free account to access unlimited free content.
Powered by MOMENTUM MEDIA
lawyers weekly logo

Powered by MOMENTUMMEDIA

Breaking news and updates daily. Subscribe to our Newsletter
Advertisement

As many as 200k affected in Europcar data incident

As many as 200,000 customers of the Europcar Mobility Group (Europcar) have had their data compromised after threat actors breached the companies GitLab repositories.

As many as 200,000 affected in Europcar data incident
expand image

Europcar is one of the largest car-rental companies on the planet, with operations in over 140 countries.

Last month, as reported by BleepingComputer, a threat actor using the name “Europcar” claimed a cyber attack on the company of the same name and “obtained all [of] their Gitlab repositories”.

Within this was the cloud infrastructure, internal applications, the iOS and Android applications for Europcar and GoldCar, website back-ups, over 269 ENV files and over 9,000 SQL files which included back-ups with personal data.

“In total, we have more than 37GB of data, including 645,041 files and 183,476 folders,” wrote the threat actor.

The threat actor also requested that Europcar contact them to prevent the data being made public.

As evidence of the breach’s legitimacy, the threat actor posted screenshots of the source code which contained credentials.

Speaking with BleepingComputer, Europcar confirmed the breached and said it was currently investigating. However, the company said the claim that the breach covered all of the company’s GitLab repositories was false as some of the network remained unaccessed.

Customer data includes only names and email addresses of Ubeeqo and Goldcar users, two companies, like Europcar, that are part of Green Mobility Holding. No passwords, bank information or credit card details have been exposed.

Europcar is currently in the process of informing customers of the incident. According to statistics seen by BleepingComputer, the number affected is between 50,000 and 200,000, some of which are from 2017 to 2020.

The incident follows a similar incident from January 2024 in which threat actors claimed to have the data of 48,606,700 Europcar users.

Data included “full subdomains, administrator panels and (username, password, full name, address, city, zip, city of birth, city of issuance, passport number, expiration date, driver’s license number, DNi email, number, bank)”.

The threat actor also posted samples of the data belonging to 31 customers as verification of the data’s authenticity.

However, responding to an inquiry from BleepingComputer, Europcar said the breach was fake and that the threat actor had created falsified records using artificial intelligence (AI).

“After being notified by a threat intel service that an account pretends to sell Europcar data on the dark net and thoroughly checking the data contained in the sample, we are confident that this advertisement is false,” said Europcar.

The car rental company said the number of records listed is different to what Europcar has and that many of the email addresses and other details don’t exist, leading it to believe they are AI-generated.

It also said that none of the listed email addresses are in its database.

Troy Hunt of HaveIBeenPwned agrees that the hacker’s data is flawed and inconsistent with Europcar’s records.

However, Hunt said there is nothing to indicate that it was created using AI, adding that some of the emails are real and have been witnessed in other data breaches.

“We’ve had fabricated breaches since forever because people want airtime or to make a name for themselves or maybe a quick buck,” Hunt said.

“Who knows, it doesn’t matter, because none of that makes it ‘AI’ and seeking out headlines or sending spam pitches on that basis is just plain dumb.”

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
You need to be a member to post comments. Become a member for free today!

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.