Real cases

Data since 2012

Have you discovered a vulnerability?
Real cases of hacked carsDate
U.S. railroad operator is victim of ransomwareEne 2021Read More
Headline U.S. railroad operator is victim of ransomware
Year 2021
Month Enero
Country United States
Description 

The railroad company OmniTRAX -based in Colorado, USA- suffered a ransomware attack that was originally aimed at its parent company, the multinational Broe Group. The perpetrators – a group known as Conti – claimed responsibility for the attack after publishing some of the information stolen from the operator. It should be remembered that ransomware is a type of attack that consists of the theft or encryption of data, in which the criminals ask for a ransom in exchange for the release of the ‘kidnapped’ information.

 

Intentionality Cracker
Target Empresa
Company OmniTRAX
Type of company Railway Operator
Data / Life Datos
Access Remoto
Recognized by brand 
Source https://finance.yahoo.com/finance/news/ransomware-attack-hits-short-line-140331188.html?&web_view=true
Roadside assistance employee collects and sells user data to another companyEne 2021Read More
Headline Roadside assistance employee collects and sells user data to another company
Year 2021
Month Enero
Country United Kingdom
Description 

An employee of RAC – one of the UK’s leading roadside assistance companies – is caught manipulating user data without authorization. The investigation concludes that, in exchange for financial compensation, he gave them to a legal firm specializing in road traffic accidents. The information sold included names, telephone numbers and license plates of a large number of customers who had recently turned to RAC following an accident.

 

Intentionality Cracker
Target Empresa
Company RAC
Type of company Road Assistance
Data / Life Datos
Access Aplicación
System Databases
Recognized by brand 
Source https://www.theregister.com/2021/01/11/rac_staffer_unauthorised_computer_access/
Data from a U.S. components company is stolen and published.Ene 2021Read More
Headline Data from a U.S. components company is stolen and published.
Year 2021
Month Enero
Country United States
Description 

The NetWalker cracker group – famous for its ransomware attacks, which consist of stealing or encrypting information and demanding a ransom for it – released a 3 GB file containing sensitive data from NameSouth, a U.S. automotive components company. The file – revealed after the company refused to pay the ransom – contains, among other information, tax IDs, names, customer addresses, credit card details and telephone numbers.

 

Intentionality Cracker
Target Vehículo
Company NameSouth
Type of company Components Company
Data / Life Datos
Access Remoto
System Database
Recognized by brand 
Source https://cybernews.com/security/after-refusing-to-pay-ransom-us-based-auto-parts-distributor-has-sensitive-data-leaked-by-cybercriminals/?web_view=true
Carsharing company Communauto suffers cyber attackEne 2021Read More
Headline Carsharing company Communauto suffers cyber attack
Year 2021
Month Enero
Country Canada
Description 

The Canadian company Communauto – dedicated to the carsharing sector – suffered a cyber-attack, which exposed the personal data of some of its users – names, subscriber numbers, postal addresses… -. According to the company’s managers, what the crackers did not manage to do was to access the application’s payment platform, as this depends on an external entity.

Intentionality Cracker
Target Empresa
Company Communauto
Type of company Car Sharing
Data / Life Datos
Access Remoto
System Data bases
Recognized by brand 
Source https://montrealgazette.com/news/local-news/communauto-hit-by-cyber-attack?&web_view=true
TransLink employees suffer bank data theftEne 2021Read More
Headline TransLink employees suffer bank data theft
Year 2021
Month Enero
Country Canada
Description 

After apparently successfully stopping a ransomware cyber-attack in December 2020, TransLink – responsible for public transport in Vancouver, Canada – has discovered that the crackers – a group called ‘Egregor’ – did manage to access employees’ banking information stored on its servers in order to manage their registration, termination, payroll and salary compensation.

Intentionality Cracker
Target Empresa
Company TransLink
Type of company Public Transport
Data / Life Datos
Access Remoto
System Servidores
Recognized by brand 
Source https://www.bleepingcomputer.com/news/security/translink-confirms-ransomware-data-theft-still-restoring-systems/?&web_view=true
Nissan mistakenly publishes internal informationEne 2021Read More
Headline Nissan mistakenly publishes internal information
Year 2021
Month Enero
Country United States
Description 

Nissan North America – the Japanese brand’s subsidiary for the US and Canada – mistakenly published the source code of its mobile applications and other internal tools used by the brand’s employees in the region. Researcher Tillie Kottmann found, in addition to the above, parts of the diagnostic software of the official workshops, access to the internal portals of distribution and logistics and even marketing tools. The cause of the leak was an error – on the part of the brand – in the configuration of the server hosting this information, demonstrating the potential consequences of not having adequate cybersecurity training for employees.

 

Intentionality Hacker
Target Empresa
Company Nissan North America
Type of company Automotive Manufacturer
Data / Life Datos
Access Remoto
Recognized by brand 
Source https://www.industryweek.com/technology-and-iiot/article/21151660/data-leak-hits-nissan-north-america
Chinese cyber criminals threaten the automotive industryDic 2020Read More
Headline Chinese cyber criminals threaten the automotive industry
Year 2020
Month Diciembre
Country China
Description 

The cracker group known as APT10 – of Chinese origin and apparently backed by the Chinese government – exploited various vulnerabilities in Windows operating systems – such as the well-known ‘ZeroLogon’ – to gain access to the websites of a number of Western companies. These include those of several automobile manufacturers around the world. It is suspected that the crackers’ intention was to spy on the movements of each company, as well as to try to obtain internal company data through unauthorized access.

Intentionality Cracker
Target Empresa
Company Various
Type of company 
Data / Life Datos
Access Aplicación
Recognized by brand No
Source https://securityboulevard.com/2020/12/china-cyber-attacks-the-current-threat-landscape/
U.S. Logistics operator suffers ransomware attackDic 2020Read More
Headline U.S. Logistics operator suffers ransomware attack
Year 2020
Month Diciembre
Country United States
Description 

Forward Air -one of the main US logistics operators- receives a strong cyberattack through ransomware that interrupts its operations and billing. The perpetrators – a group known as “Hades”- hijack a large amount of sensitive data, threatening to erase it forever if they do not receive a financial ransom in return.

Intentionality Cracker
Target Empresa
Company Forward Air
Type of company Transport
Data / Life Datos
Access Remoto
System Data bases
Recognized by brand 
Source https://www.freightwaves.com/news/news-alert-forward-air-reveals-ransomware-attack-warns-of-revenue-hit
Israeli insurance company extorted with stolen driver dataDic 2020Read More
Headline Israeli insurance company extorted with stolen driver data
Year 2020
Month Diciembre
Country Israel
Description 

A group of crackers called themselves ‘Black Shadow’ successfully attacks the internal servers of the Israeli insurer Shirbit. They steal a large amount of their clients’ personal data – names and surnames, addresses, license plates of the insured vehicles, scanned documents … – and threaten the company itself with spreading them on the Internet if they do not pay a certain amount of ‘bitcoins’ in concept ransomware – what is called ransomware.

Intentionality Cracker
Target Empresa
Company Shirbit
Type of company Insurance
Data / Life Datos
Access Remoto
System Company internal servers
Recognized by brand 
Source https://www.timesofisrael.com/hackers-say-they-sold-batch-of-information-stolen-from-israeli-insurance-firm/

Calls for review
EUROCYBCAR test


Logotipo de Eurocybcar


Este sitio web utiliza cookies para que usted tenga la mejor experiencia de usuario. Si continúa navegando está dando su consentimiento para la aceptación de las mencionadas cookies y la aceptación de nuestra política de cookies, pinche el enlace para mayor información.plugin cookies

ACEPTAR
Aviso de cookies