A hacker recently breached the GitLab repositories of Europcar Mobility Group, stealing sensitive source code for Android and iOS applications. The hacker also obtained personal data, including names and email addresses of up to 200,000 customers from Goldcar and Ubeeqo. The attacker attempted to extort the company, threatening to release 37GB of data, including backups, cloud infrastructure details, and internal application information. Europcar, a subsidiary of Green Mobility Holding, operates popular car rental brands in over 140 countries, making this breach a serious concern for both the company and its customers.
The hacker, using an alias that included Europcar’s name, claimed to have stolen over 9,000 SQL backups containing personal information.
In addition to the SQL backups, at least 269 .ENV files were taken, containing application settings and sensitive details. Although the attacker provided screenshots of the stolen credentials to prove the breach, Europcar confirmed only a small portion of the repositories were compromised. The stolen data appears to be limited to customer names and email addresses, which could impact between 50,000 and 200,000 individuals from the years 2017 to 2020.
Europcar has started investigating the breach and is working to notify all affected customers. The company is also in contact with data protection authorities to comply with regulations. They confirmed that no sensitive financial information like bank or card details was exposed in the breach. Although Europcar acknowledged the breach, they refuted the hacker’s claim of full repository access, stating that part of the code remained secure.
As the company assesses the full extent of the damage, it continues to urge its users to stay alert for any unusual activities.
It remains unclear how the hacker accessed Europcar’s code repositories, but phishing or malware-based compromises are considered the most likely causes. Last year, Europcar faced a similar situation when a hacker falsely claimed to possess personal information on millions of customers. Europcar did not confirm whether it paid the ransom demanded by the hacker. The stolen data is now being advertised on underground forums, and Europcar is advising developers to verify the authenticity of repositories when using platforms like GitHub to prevent future breaches.
Reference:
