Zoomcar Data Breach Exposes Info of Over 8.4 mn Users

Indian car-sharing platform Zoomcar has confirmed a major data breach affecting at least 8.4 million users.

The company disclosed in a U.S. SEC filing that on June 9, a hacker accessed personal data including names, phone numbers, and car registration numbers.

The breach came to light after employees received messages from a threat actor claiming to possess company data. Zoomcar stated there’s no evidence of compromised financial details or passwords.

Following the discovery, it activated an incident response plan and strengthened internal security measures.

"The Company is also engaging with third-party cybersecurity experts to further assist with the investigation. The Company has also notified the appropriate regulatory and law enforcement authorities and is cooperating fully with their inquiries," it said in the filing.

The company has also notified regulatory and law enforcement authorities.

However, Zoomcar has yet to inform affected customers or share details about the hacker.

Founded in 2013, the Bengaluru-based company operates in 99 cities and several countries including Egypt, Indonesia, and Vietnam. Despite the breach, Zoomcar said its operations remain unaffected.