A hacker breached the GitLab repositories of multinational car-rental firm Europcar Mobility Group and stole supply code for Android and iOS functions, in addition to some private info belonging to as much as 200,000 clients.
The actor tried to extort the corporate by threatening to publish 37GB of information that features backups and particulars in regards to the firm’s cloud infrastructure and inner functions.
Europcar Mobility Group is a subsidiary of Inexperienced Mobility Holding that operates the Europcar, Goldcar, and Ubeeqo manufacturers with a various providing of compact vehicles, luxurious autos, vans, and vans.
The corporate’s buyer base is substantial, unfold throughout 140 international locations in Europe, North America, Asia, and Africa.
Stolen SQL backups and app config information
In late March, a menace actor utilizing the corporate’s identify as an alias, introduced that they “efficiently breached Europcar’s methods and obtained all their GitLab repositories.”
supply: BleepingComputer
They claimed to have copied from the repositories greater than 9.000 SQL information with backups which have private knowledge, and not less than 269 .ENV information – used to retailer configuration settings for functions, surroundings variables, and delicate info.
To show that the breach shouldn’t be a hoax, Europcar the menace actor printed screenshots of credentials current within the supply code they stole.
BleepingComputer obtained affirmation that the compromise is actual and that Europcar Mobility Group is at the moment assessing the extent of the harm.
The menace actor’s declare that they stole all the corporate’s GitLab repositories shouldn’t be fully correct, although. We realized {that a} small a part of the supply code remained untouched.
Whereas the complete extent of the harm continues to be being evaluated, the stolen knowledge consists of solely names and e mail addresses of Goldcar and Ubeeqo customers. Based mostly on on-line statistics, the variety of affected clients could also be between 50,000 and 200,000, a few of them from 2017 and 2020.
Extra delicate info, like financial institution and card particulars, or passwords has not been uncovered.
The corporate is now within the strategy of notifying all impacted clients and has notified the information safety authority within the nation.
It’s unclear how the menace actor managed to realize entry to Europcar’s code repositories however many current breaches have been fueled by credentials stolen in infostealer compromises.
Final 12 months, Europcar was the goal of a faux breach, when somebody claimed on a hacker discussion board to own the non-public information (names, addresses, start dates, driver’s license numbers) of almost 50 million clients.
In 2022, a researcher found an admin token within the code of Europcar’s apps for cellular units (Android and iOS), which may very well be used to entry clients’ biometric particulars.
The difficulty was as a consequence of a improvement error and affected a number of cellular functions from different service suppliers.
Based mostly on an evaluation of 14M malicious actions, uncover the highest 10 MITRE ATT&CK methods behind 93% of assaults and tips on how to defend towards them.
