BleepingComputer reports that major Indian car-sharing platform Zoomcar Holdings had information from 8.4 million users compromised following a breach of its systems identified last week.
While operations have not been impacted by the incident, unauthorized systems access enabled the exfiltration of customers' full names, phone numbers, home addresses, email addresses, and car registration numbers, said Zoomcar, which merged with U.S. blank check firm IOAC, in a filing with the U.S. Securities and Exchange Commission. Investigation into the extent of the breach is still underway but Zoomcar said that there has been no evidence so far suggesting the exposure of its users' plaintext passwords and financial details. Such a disclosure comes seven years after Zoomcar disclosed having over 3.5 million customers' information, including names, phone numbers, email and IP addresses, in a data breach. Attackers behind the compromise sold the pilfered data on a dark web marketplace two years later.
While operations have not been impacted by the incident, unauthorized systems access enabled the exfiltration of customers' full names, phone numbers, home addresses, email addresses, and car registration numbers, said Zoomcar, which merged with U.S. blank check firm IOAC, in a filing with the U.S. Securities and Exchange Commission. Investigation into the extent of the breach is still underway but Zoomcar said that there has been no evidence so far suggesting the exposure of its users' plaintext passwords and financial details. Such a disclosure comes seven years after Zoomcar disclosed having over 3.5 million customers' information, including names, phone numbers, email and IP addresses, in a data breach. Attackers behind the compromise sold the pilfered data on a dark web marketplace two years later.
