The Coinbase Cartel group has claimed responsibility for a significant data breach impacting CEVA Logistics, a global supply chain and freight management company headquartered in France. The company, which reports $20.2 billion in revenue, designs and implements logistics and transportation solutions for national and multinational companies.
The threat actor group has listed the CEVA Logistics database for sale on its data leak site, undermining the company’s “asset-light” operational model by allegedly exfiltrating sensitive corporate and client data.
The breach appears to be extensive. According to the actor, the compromised data includes a wide array of sensitive information pulled from the company’s databases. Images provided as proof of access suggest the following data types have been stolen:
- Full database schemas, including tables for ‘Accounts’, ‘Client’, ‘Costs’, and ‘Agent’
- Client and customer corporate information
- Contact names
- Full addresses
- Email addresses
- Phone and fax numbers
- VAT (Value Added Tax) numbers
- Financial data, including client credit limits
