Threat Actor: @888 | @888
Victim: BMW Hong Kong | BMW Hong Kong
Price: Not disclosed
Exfiltrated Data Type: Customer data, including vehicle and personal information
Key Points :
- Data Volume: 14,057 rows of customer data were reportedly exposed.
- Compromised Information: Includes vehicle makes, chassis numbers, registration details, customer names, contact information, and marketing preferences.
- Data Types: Vehicle information, personal details, and contact preferences.
- Company Revenue: BMW is part of a global automotive giant with a revenue of $168.4 billion.
- Security Implications: The incident highlights the need for improved cybersecurity measures for companies handling sensitive data.
In August 2024, a threat actor known as @888 claimed to have breached BMW Hong Kong’s database, resulting in the exposure of 14,057 rows of customer data. This breach allegedly contains more information than a previous leak from the same entity. The compromised data announcedly includes vehicle makes, chassis numbers, registration details, customer names, contact information, and marketing preferences.
Key Details of the Breach:
The leaked data is said to include various customer-related details:
- Vehicle Information: Make, chassis, registration number, and model series.
- Personal Details: Vehicle owner’s account, salutation, first and last names, and whether they are corporate customers.
- Contact Preferences: Opt-out options for calls and SMS.
The actor has provided samples of the data, and though the claims are not yet verified, this incident underscores the critical need for robust cybersecurity measures, especially for companies handling sensitive customer information. BMW Hong Kong, part of the global automotive giant with a revenue of $168.4 billion, now faces serious questions about its data security practices.
The post A Threat Actor Alleged BMW Hong Kong Data Breach appeared first on Daily Dark Web.