Article Details
Scrape Timestamp (UTC): 2024-11-20 13:16:41.007
Original Article Text
Click to Toggle View
Ford investigates alleged breach following customer data leak. Ford is investigating allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum. The leak was announced on Sunday by threat actor 'EnergyWeaponUser,' also implicating the hacker 'IntelBroker,' who supposedly took part in the November 2024 breach. The threat actors leaked on BreachForums 44,000 Ford customer records containing customer information, including full names, physical locations, purchase details, dealer information, and record timestamps. The exposed records aren't extremely sensitive, but they still contain personally identifiable information that could empower phishing and social engineering attacks targeting the exposed individuals. The threat actors did not attempt to sell the dataset but instead offered it to registered members of the hacker forum for eight credits, equal to a little over $2. BleepingComputer contacted Ford to validate the claims, and a spokesperson for the firm told us they are investigating the allegations. "Ford is aware and is actively investigating the allegations that there has been a breach of Ford data. Our investigation is active and ongoing," Ford told BleepingComputer. The involvement of IntelBroker in the breach lends some credibility to the threat actor's allegations based on the threat actor's recent record. The hacker has recently achieved confirmed breaches at Cisco's DevHub portal, Nokia (through a third party), Europol's EPE web portal, and T-Mobile (via a vendor). The locations mentioned in the data samples leaked by the threat actors are from around the world, including the United States. To mitigate the risks arising from this potential data exposure, treat unsolicited communications cautiously and reject requests to reveal more information under any pretense. Update 11/20 - Ford sent BleepingComputer an additional statement based on new findings from their ongoing investigation. Ford’s investigation has determined that there was no breach of Ford’s systems or customer data. The matter involved a third-party supplier and a small batch of publicly available dealers’ business addresses. It is our understanding that the matter has now been resolved. - A Ford spokesperson
Daily Brief Summary
Ford is probing into an alleged data breach announced by the threat actor 'EnergyWeaponUser' involving 44,000 customer records.
Leaked data includes names, physical locations, purchase details, and dealer information, potentially aiding phishing and social engineering attacks.
The breach is tied to the activity of hacker 'IntelBroker,' known for multiple confirmed breaches, adding credibility to the claims.
The compromised data had a low sale price on BreachForums, offered for just over $2 worth of credits.
Ford responded to the claim stating an active investigation into the breach, which they initially believed impacted Ford's data directly.
The investigation later revealed the issue originated from a third-party supplier and the leaked data was a minor batch of publicly available information.
Ford reassures that substantial systems or sensitive customer data were not compromised as initially feared.
Following the incident, Ford and possibly affected customers are advised to remain vigilant against unsolicited communications and information requests.