The international mobility company Europcar is facing a massive IT security breach. A previously unknown hacker apparently gained unauthorised access to internal development systems and sensitive customer data - including source codes of mobile applications and information of up to 200,000 users.
According to reports, the perpetrator published extracts of the captured data, including backup files and access data, in relevant forums. The source of the attack remains unclear, but it is suspected that stolen login data via malware (so-called infostealers) played a role.
The compromised information mainly concerns users of the company's subsidiary brands, such as the car sharing service Ubeeqo and the low-cost provider Goldcar. Particularly explosive: parts of the Group's technical infrastructure are also said to have been exposed. Europcar itself confirmed the incident and is currently investigating the extent of the security breach. However, according to the current state of knowledge, payment information or passwords were not affected. According to the company, the relevant data protection authorities have been informed and affected users are to be notified.
Source: www.heise.de