CyberSecurity news
FlagThis
@Latest from ITPro
//
Europcar Mobility Group has confirmed a data breach affecting potentially up to 200,000 customers. The breach occurred through unauthorized access to the company’s GitLab repositories. According to reports, the stolen data includes source code for Europcar's Android and iOS mobile applications, as well as personal data linked to tens of thousands of customers. This incident raises significant security concerns, as the exposure of source code could potentially reveal vulnerabilities that could be exploited in future attacks.
Europcar is currently assessing the full extent of the damage caused by the breach. Preliminary findings indicate that the compromised data includes names and email addresses of users belonging to the Goldcar and Ubeeqo brands. The compromised records date back as far as 2017 and 2020. Europcar maintains that no financial information, passwords, or biometric details were exposed. The company has notified data protection authorities and has begun the process of informing affected customers about the incident.
The attacker reportedly claimed responsibility for the breach in late March and attempted to extort Europcar, threatening to release 37GB of stolen data. The data allegedly includes internal backups, infrastructure documentation, and application source code. Europcar has denied that all of its GitLab repositories were compromised, but has confirmed that the threat actor accessed over 9,000 SQL files and 269 environment configuration files. The method of access remains unclear, although similar breaches often involve stolen credentials obtained through infostealer malware. The investigation is ongoing.
ImgSrc: cdn.mos.cms.fut
References :
Europcar is currently assessing the full extent of the damage caused by the breach. Preliminary findings indicate that the compromised data includes names and email addresses of users belonging to the Goldcar and Ubeeqo brands. The compromised records date back as far as 2017 and 2020. Europcar maintains that no financial information, passwords, or biometric details were exposed. The company has notified data protection authorities and has begun the process of informing affected customers about the incident.
The attacker reportedly claimed responsibility for the breach in late March and attempted to extort Europcar, threatening to release 37GB of stolen data. The data allegedly includes internal backups, infrastructure documentation, and application source code. Europcar has denied that all of its GitLab repositories were compromised, but has confirmed that the threat actor accessed over 9,000 SQL files and 269 environment configuration files. The method of access remains unclear, although similar breaches often involve stolen credentials obtained through infostealer malware. The investigation is ongoing.
ImgSrc: cdn.mos.cms.fut
Share:
References :
- techhq.com: Up to 200,000 Europcar users affected in GitLab security breach
- www.it-daily.net: Europcar hacked: Up to 200,000 customer data at risk
- www.itpro.com: Europcar data breach could affect up to 200,000 customers
- www.scworld.com: Up to 200K purportedly impacted by Europcar GitLab breach
- Techzine Global: Data breach at Europcar: GitLab hack affects up to 200,000 customers
Classification:
- HashTags: #DataBreach #GitLab #Cybersecurity
- Company: Europcar
- Target: Europcar Customers
- Attacker: Europcar
- Product: GitLab
- Feature: GitLab Repositories
- Type: DataBreach
- Severity: Major