A recent cyberattack has exposed customer data at Europcar Mobility Group. Hackers accessed the company’s private GitLab repositories and stole sensitive files. The breach revealed source code from mobile apps and personal data from up to 200,000 customers.
The threat actor behind the attack attempted extortion. They threatened to leak 37GB of stolen data unless demands were met. The exposed files included backups, cloud infrastructure details, and internal app configurations.
Europcar, a brand under Green Mobility Holding, operates in over 140 countries. The company manages rental services through Europcar, Goldcar, and Ubeeqo.
Data Leak Includes SQL Files and App Settings
In late March, the hacker claimed to have breached all of Europcar’s GitLab repositories. They said they obtained over 9,000 SQL backups and at least 269 environment configuration files. These files often contain critical app settings and private credentials.
To validate the breach, the attacker shared screenshots showing stolen credentials from the source code. Europcar has confirmed the incident is legitimate and is investigating its full impact.
Limited Scope of Personal Information
Despite the breach, only names and email addresses from Goldcar and Ubeeqo users were exposed. Current estimates suggest between 50,000 and 200,000 customers may be affected. Some of the data dates back to 2017 and 2020.
The company confirmed that no passwords or financial data were involved. Europcar is notifying affected individuals and has informed the relevant data protection authorities.
Source of Breach Still Unclear
It’s not yet known how access was gained. However, many recent attacks have exploited stolen credentials from infostealer malware. Europcar has faced security issues before. In 2022, a researcher found a critical admin token in the company’s mobile apps.
A year later, someone falsely claimed to have data on 50 million Europcar users. That incident turned out to be a hoax. This latest attack, however, has been verified.
Europcar is currently reviewing its systems and strengthening defenses to prevent future breaches.
