A threat actor claims to have obtained a vast amount of data from a prominent Indian automobile dealer. The company, established in 2015 with a net worth of $2 billion, operates as an online buyer and seller of used cars, with headquarters in India and operations in Thailand, UAE, and Australia. The breached data reportedly includes:
- KYC information for 70,000 customers in the UAE (bank statements, driver’s licenses, Emirates IDs, passports, etc.)
- CIBIL data for 1.8 million users in India (name, date of birth, address, email, phone number, credit score, etc.)
- Limited KYC details of citizens from Thailand and Australia
- Internal communication emails
- Financial records of the organization
- API logs
The threat actor also claims to have access to certain systems belonging to the company. They demand that the organization repurchase their data; otherwise, it will be auctioned off. The actor has provided a limited sample to support their claim.