A database of 384,319 BMW car owners in the U.K. is being offered for sale on an underground forum by the KelvinSecurity Team hacking group, according to KELA, a darknet threat intelligence firm, based in Tel Aviv.
A database of 384,319 BMW car owners in the U.K. is being offered for sale on an underground forum by the KelvinSecurity Team hacking group, according to KELA, a darknet threat intelligence firm, based in Tel Aviv.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
At ImmuniWeb, we\’re observing a rapid and uncontrolled proliferation of shadow and abandoned IT assets, spanning from unprotected cloud to vulnerable web applications with business-critical data. The situation is dramatically exacerbated by third-parties with privileged access to organizations’ data – exactly what has reportedly happened with BMW, when a supplier is to blame for the incident.
Why this is happening
Even though stolen credit card data is now becoming cheaper amid the pandemic, many methods of credit card use require physical activities and human presence, so are in fact costlier and riskier to implement amid COVID-19. The situation is, however, rather a temporary fluctuation than a long-term trend.
Against this background, attackers are shifting their malicious efforts to target other goods such as PII*. We should also expect skilled cybercriminals to attack organizations for their trade secrets and other types of intellectual property. Worse, some of such intrusions are never discovered or reported.
*Personally identifiable information (PII) is any data that could potentially identify a specific individual.