As many as 200,000 customers of the Europcar Mobility Group (Europcar) have had their data compromised after threat actors breached the company's GitLab repositories.
Europcar is one of the largest car-rental companies on the planet, with operations in over 140 countries.
Last month, as reported by BleepingComputer, a threat actor using the name “Europcar” claimed a cyber attack on the company of the same name and “obtained all [of] their Gitlab repositories”.
The repositories included the cloud infrastructure, internal applications, the iOS and Android applications for Europcar and Goldcar, website back-ups, over 269 ENV files and over 9,000 SQL files, which included back-ups with personal data.
“In total, we have more than 37GB of data, including 645,041 files and 183,476 folders,” wrote the threat actor.
The threat actor also requested that Europcar contact them to prevent the data being made public.
As evidence of the breach’s legitimacy, the threat actor posted screenshots of the source code which contained credentials.
Speaking with BleepingComputer, Europcar confirmed the breach and said it was currently investigating. However, the company said the claim that the breach covered all of the company’s GitLab repositories was false, as some of the network remained unaccessed.
The exposed customer data includes only names and email addresses of users of Ubeeqo and Goldcar, two companies that, like Europcar, are part of Green Mobility Holding. No passwords, bank information or credit card details have been exposed.
Europcar is currently in the process of informing customers of the incident. According to statistics seen by BleepingComputer, the number affected is between 50,000 and 200,000, some of which are from 2017 to 2020.
The breach follows a similar incident from January 2024, in which threat actors claimed to have the data of 48,606,700 Europcar users.
Data included “full subdomains, administrator panels and (username, password, full name, address, city, zip, city of birth, city of issuance, passport number, expiration date, driver’s license number, DNi email, number, bank)”.
The threat actor also posted samples of the data belonging to 31 customers as verification of the data’s authenticity.
However, responding to an inquiry from BleepingComputer, Europcar said the breach was fake and that the threat actor had created falsified records using artificial intelligence (AI).
“After being notified by a threat intel service that an account pretends to sell Europcar data on the dark net and thoroughly checking the data contained in the sample, we are confident that this advertisement is false,” said Europcar.
The car rental company said the number of records listed is different to what Europcar has and that many of the email addresses and other details don’t exist, leading it to believe they are AI-generated.
It also said that none of the listed email addresses are in its database.
Troy Hunt of HaveIBeenPwned agrees that the hacker’s data is flawed and inconsistent with Europcar’s records.
However, Hunt said there is nothing to indicate that it was created using AI, adding that some of the emails are real and have been witnessed in other data breaches.
“We’ve had fabricated breaches since forever because people want airtime or to make a name for themselves or maybe a quick buck,” Hunt said.
“Who knows, it doesn’t matter, because none of that makes it ‘AI’ and seeking out headlines or sending spam pitches on that basis is just plain dumb.”