CarGurus Data Breach Exposes 12.5 Million Customer Accounts in Major Cyber Attack
CarGurus data breach exposes 12.5 million customer accounts, including names, emails, phone numbers, and addresses. The cybersecurity incident linked to ShinyHunters raises concerns over identity theft and online marketplace security.
Tech Author
CarGurus, an online car marketplace, revealed a major data breach that exposed millions of customers' personal information. According to the data breach tracking website Have I Been Pwned, about 12.5 million CarGurus accounts were exposed during the attack. The disclosed information purportedly includes names, email addresses, phone numbers, and physical addresses.
CarGurus, created in 2006, is a popular online platform for buying, selling, and financing vehicles. The organization connects buyers with car dealers in various regions. While the site is still fully operational, the cybersecurity breach has raised severe worries about data security and online privacy.
Troy Hunt, a security expert who runs Have I Been Pwned, attributed the intrusion to the hacking group ShinyHunters. This group is well-known for utilizing social engineering strategies. They frequently claim to be corporate personnel and contact support desks to reset passwords. ShinyHunters has already claimed responsibility for several high-profile breaches, including attacks on institutions and major technology companies.
CarGurus spokesperson confirmed that the company encountered a cybersecurity incident, but that it has now been resolved. It also stated that there is no evidence that dealer systems, APIs, or core products were compromised. The corporation also stated that it will notify affected individuals as required by law.
According to sources, the exposed data consists of user account ID mappings, finance prequalification application details, and dealer account information. Although no bank passwords or payment information were disclosed, the stolen data could be used for phishing scams, identity theft, or targeted fraud. This is not the first time this year that the car industry has had a breach of privacy. A recent issue involving CarMax revealed thousands of consumer email addresses and personal information.
The CarGurus data breach highlights the growing risk of cyber attacks in online marketplaces. As more people rely on digital platforms for buying and selling vehicles, companies must strengthen their cybersecurity measures to protect customer data. Users are also advised to monitor their accounts and stay alert for suspicious emails or messages following such data leaks.
Information referenced in this article is from Tech Crunch
