"Following an attempted extortion, the data was published publicly and contained more than 12M email addresses across multiple files, including user account ID mappings, finance pre-qualification application data, and dealer account and subscription information."
"While it is unclear how the data was stolen, ShinyHunters is known for mounting sophisticated voice phishing (vishing) attacks that have compromised numerous organizations. More than 100 organizations were targeted in a recent ShinyHunters phishing campaign, with some of the latest incidents attributed to the hacking group impacting Optimizely, Figure, Panera Bread, and Crunchbase."
CarGurus, an automotive research and shopping website, suffered a significant data breach affecting over 12 million users. The extortion group ShinyHunters initially claimed theft of 1.7 million records but subsequently leaked a 6.1GB archive containing approximately 12.5 million accounts. Compromised data includes names, addresses, email addresses, phone numbers, and IP addresses, along with user account IDs, finance pre-qualification application data, and dealer account information. Approximately 70% of the exposed email addresses were previously compromised in other breaches. ShinyHunters is known for sophisticated voice phishing attacks targeting numerous organizations. CarGurus has not publicly acknowledged the incident.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]