Automotive marketplace CarGurus was the target of a data breach in which the names, email addresses, phone numbers and physical addresses of millions of customers were stolen.
Data notification site provider Have I Been Pwned is reported by security researcher Troy Hunt. 12.5 million Karguru accounts Compromised in a data breach.
CarGurus, founded in 2006, operates an online marketplace that allows customers to buy, sell and finance vehicles.
Should I Pwned hold the ShinyHunters hacking group responsible for the breach.
The ShinyHunters group is known for their social engineering skills, such as calling the helpdesk and pretending to be employees who need to reset their password. Hackers have used their social engineering skills to steal tons of data many universitiesAbove a billion records From Salesforce customers, including Google And weekdayMore recent hack claims pornhub And Fintech lending giant.
TechCrunch has contacted CarGurus for comment and will update this article if the company responds.
According to Have I Been Pwned, the customer data published included user account ID mappings, finance pre-qualification application data, and dealer account and membership information.
This is the second automotive-related data breach reported by Have I Been Pond this year. Last month, data from CarMax was reportedly published after a failed extortion attempt, Data breach notification site reported. The data breach involved approximately 431,000 unique email addresses along with names, phone numbers and physical addresses.
