Ford investigates an alleged security breach after a data leak

November 21, 2024
Ford Security Breach Data Leak Cyberattack Car Manufacturer

One of the United States’ first car manufacturing companies, Ford, is investigating an alleged data breach that compromised its system.

Reports revealed that a data leak that included the firm’s customers’ information had prompted an immediate investigation. The accusation emerged after a threat actor claimed to have leaked at least 44,000 records on a dark web hacker forum.

 

The unconfirmed data leak that impacted Ford occurred earlier this month.

 

Relevant parties have raised concerns about the Ford data breach incident after a threat actor named EnergyWeaponUser announced the nature of the data leak earlier this month. Moreover, the threat actor has implicated the notorious hacker IntelBroker since it allegedly participated in the November 2024 breach.

The threat actors exposed 44,000 Ford customer records to BreachForums. Some confirmed details included in the leaked data set are full names, physical addresses, purchase details, dealer information, and record timestamps.

The revealed records are not susceptible to sophisticated attacks but contain personally identifiable information (PII) that other malicious entities could use for phishing and social engineering attacks.

The threat actors did not seek to sell the dataset, instead offering it to registered members of the hacker community for eight credits, or slightly more than $2. On the other hand, the affected company has yet to verify the threat actors’ claims and address inquiries from various parties that want to clarify the issue.

However, Ford stated in one of its responses that it is aware of the accusations and is actively investigating the breach of Ford’s data. Additionally, the company assured its customers that its investigation was ongoing to know more about the alleged attack.

Still, IntelBroker’s involvement in the campaign may have proven the claims since it has credibility based on its previous track record of claiming breaches. Some of IntelBroker’s latest cyberattack claims include the breaches of Cisco’s DevHub portal, Europol’s EPE online portal, T-Mobile, and Nokia (via a third party).

The threat actors’ disclosed data samples include locations worldwide, especially in the United States. Customers potentially impacted by the data breach should be wary of unsolicited messages since the stolen data includes PII. Being cautious of such threats will also reduce the risks of this potential data exposure.

About the author