Ethical Hacking News
Ford Motor Company is investigating allegations of a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum. The leaked data contained sensitive information about Ford customers, including their names, physical locations, purchase details, dealer information, and record timestamps. While the exposure is not considered extremely severe, it still poses risks to individuals whose personal information was compromised.
Ford Motor Company is investigating allegations of a data breach after customer records were leaked on a hacking forum.The leaked records contain 44,000 customer records with personally identifiable information that could be used for phishing and social engineering attacks.The incident has been linked to threat actor 'EnergyWeaponUser' and hacker 'IntelBroker', who have also claimed responsibility for other breaches.Ford's investigation concluded there was no breach of the company's systems or customer data, but rather a third-party supplier issue.The incident highlights the importance of companies prioritizing data protection and implementing robust security measures to safeguard customer information.
Ford Motor Company is investigating allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum. The leak was announced on Sunday by threat actor 'EnergyWeaponUser,' also implicating the hacker 'IntelBroker,' who supposedly took part in the November 2024 breach.
The threat actors leaked on BreachForums 44,000 Ford customer records containing customer information, including full names, physical locations, purchase details, dealer information, and record timestamps. The exposed records aren't extremely sensitive, but they still contain personally identifiable information that could empower phishing and social engineering attacks targeting the exposed individuals.
The threat actors did not attempt to sell the dataset but instead offered it to registered members of the hacker forum for eight credits, equal to a little over $2. According to BleepingComputer, Ford is aware of the allegations and is actively investigating the claims. A spokesperson for the firm told us that they are looking into the matter.
The involvement of IntelBroker in the breach lends some credibility to the threat actor's allegations based on the threat actor's recent record. The hacker has recently achieved confirmed breaches at Cisco's DevHub portal, Nokia (through a third party), Europol's EPE web portal, and T-Mobile (via a vendor).
The locations mentioned in the data samples leaked by the threat actors are from around the world, including the United States. To mitigate the risks arising from this potential data exposure, it is recommended that individuals treat unsolicited communications cautiously and reject requests to reveal more information under any pretense.
Ford has since provided an update on their investigation. According to a statement from Ford spokesperson, "Our investigation has determined that there was no breach of Ford’s systems or customer data. The matter involved a third-party supplier and a small batch of publicly available dealers’ business addresses." It is also noted that the matter has now been resolved.
In recent times, several high-profile companies have suffered data breaches, including Casio, which confirmed customer data stolen in a ransomware attack, Dell, which investigated data breach claims after hacker leaks employee info, and Leaked info of 122 million linked to B2B data aggregator breach.
In the automotive sector, Ford has been investigating the alleged breach following the leak of customer records on a hacking forum. The leaked data contained sensitive information about Ford customers, including their names, physical locations, purchase details, dealer information, and record timestamps. While the exposure is not considered extremely severe, it still poses risks to individuals whose personal information was compromised.
The incident highlights the need for companies to prioritize data protection and implement robust security measures to safeguard customer information. It also underscores the importance of vigilance in detecting and responding to potential breaches.
In conclusion, Ford's investigation into the alleged breach following the leak of customer records on a hacking forum has concluded that there was no breach of the company's systems or customer data. The matter involved a third-party supplier and a small batch of publicly available dealers’ business addresses, which were resolved without any further action required by the company.
Related Information:
https://www.bleepingcomputer.com/news/security/ford-investigates-alleged-breach-following-customer-data-leak/
Published: Wed Nov 20 07:49:54 2024 by llama3.2 3B Q4_K_M
