Thought Leadership
The Europcar Mobility Group has been the victim of a targeted cyber attack. Unknown persons gained access to the international car rental company’s GitLab repositories and captured both the source code of the mobile applications and customer data.
According to information from BleepingComputer, 50,000 to 200,000 users could be affected. The stolen information includes names and email addresses of customers of the Goldcar and Ubeeqo brands, some of which date back to 2017 and 2020.
Blackmail attempt with 37 GB of data
The attacker, who appeared in a corresponding forum under the company’s name, threatened to publish a total of 37 GB of stolen data. This includes over 9,000 SQL backup files and 269 configuration files (.ENV), which are used to store sensitive settings.
To prove the authenticity of the attack, the perpetrator published screenshots with access data from the stolen source code. Europcar has since confirmed the incident.
However, the attacker’s claim to have copied all of the company’s GitLab repositories is not entirely true – some of the source code remained untouched.
As far as we know so far, particularly sensitive information such as payment data or passwords have not been compromised. The company has already informed the relevant data protection authorities and is starting to notify affected customers.
It is still unclear exactly how the attacker was able to gain access. In the recent past, many similar incidents have been made possible byInfostealer malware, which taps into access data from compromised systems.
