Ford is investigating allegations that it suffered an information breach after a risk actor claimed to leak 44,000 buyer information on a hacking discussion board.
The leak was introduced on Sunday by risk actor ‘EnergyWeaponUser,’ additionally implicating the hacker ‘IntelBroker,’ who supposedly took half within the November 2024 breach.
The risk actors leaked on BreachForums 44,000 Ford buyer information containing buyer info, together with full names, bodily areas, buy particulars, supplier info, and report timestamps.
The uncovered information aren’t extraordinarily delicate, however they nonetheless include personally identifiable info that would empower phishing and social engineering assaults concentrating on the uncovered people.
The risk actors didn’t try and promote the dataset however as a substitute supplied it to registered members of the hacker discussion board for eight credit, equal to slightly over $2.
Supply: BleepingComputer
BleepingComputer contacted Ford to validate the claims, and a spokesperson for the agency informed us they’re investigating the allegations.
“Ford is aware and is actively investigating the allegations that there has been a breach of Ford data. Our investigation is active and ongoing,” Ford informed BleepingComputer.
The involvement of IntelBroker within the breach lends some credibility to the risk actor’s allegations primarily based on the risk actor’s latest report.
The hacker has not too long ago achieved confirmed breaches at Cisco’s DevHub portal, Nokia (by a 3rd social gathering), Europol’s EPE net portal, and T-Cellular (by way of a vendor).
The areas talked about within the information samples leaked by the risk actors are from world wide, together with the USA.
To mitigate the dangers arising from this potential information publicity, deal with unsolicited communications cautiously and reject requests to disclose extra info beneath any pretense.
Replace 11/20 – Ford despatched BleepingComputer a further assertion primarily based on new findings from their ongoing investigation.
Ford’s investigation has decided that there was no breach of Ford’s techniques or buyer information. The matter concerned a third-party provider and a small batch of publicly obtainable sellers’ enterprise addresses. It’s our understanding that the matter has now been resolved. – A Ford spokesperson
