Personally identifiable information on nearly 400,000 BMW owners has been found for sale on the darkweb, according to a threat intelligence firm.
KELA, a Tel Aviv-based threat intelligence firm has said it discovered a database with 384,319 BMW owners, posted on a darkweb forum by a hacking collective known as the KelvinSecurity Team.
The dataset includes first and last names, email addresses, vehicle numbers, dealership information on nearly 400,000 BMW owners. KELA believes the hackers were able to gain access to the dataset via a call centre that works alongside a number of international manufacturers.
Once compromised, the call centre in question allowed hackers to gain access to data containing extremely sensitive information on car owners that can, and most likely will be used for phishing campaigns in the future.
For example, with information like the car model and the dealer’s name, a hacker can potentially write to the owner of a vehicle with a fraudulent safety recall order, prompting the recipient to click a button, link or attachment.
Once the victim follows their prompt, a tech-savvy hacker can run amok in their network and device, and set up lucrative means of identity theft and financial fraud.
According to a report from SC Magazine “KelvinSecurity Team has been highly active on underground forums, offering in June 2020 alone for sale 16 databases, including data related to U.S. government contractors and Russian military weapons development.”
The hacking collective has also dumped 28 corporate databases online for no charge, with businesses impacted in Australia, France, Sweden, the U.S., Iran, Mexico and Indonesia.
The dataset is said to contain nearly 400,000 customer records, collected between 2016 and 2018 of not just BMW owners, but also owners of Hyundai, Honda, SEAT and Mercedes Benz vehicles.
Jake Moore, security specialist with ESET has told TomsGuide that hackers could potentially use the information gathered from the data dump for “rather convincing phishing campaigns masquerading as BMW or a partner organisation.”
“I would recommend any vehicle owner to be extremely cautious when opening emails suggesting they are the likes of BMW and Mercedes from now on,” he said. “Phishing emails that request any further data can be used in conjunction with stolen data from the breach and could be used in a future attack or identity theft.”
Moore continued to explain that “it is now vital that all affected customers are extra vigilant whenever they receive unsolicited emails that appear to be from their manufacturer that request further information, personal, financial or otherwise as these could include links to well-crafted cloned websites.”