• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

US Car Giant General Motors Hit by Cyber-Attack Exposing Car Owners’ Personal Info

You are here: Home / General Cyber Security News / US Car Giant General Motors Hit by Cyber-Attack Exposing Car Owners’ Personal Info
May 24, 2022

US automobile producer Common Motors (GM) declared that it was strike by a credential stuffing attack past month that uncovered purchaser facts and allowed hackers to redeem benefits factors for reward cards.

GM claimed that they detected the malicious login activity amongst April 11-29 2022.

“We are crafting to stick to-up on our [DATE] email to you, advising you of a information incident involving the identification of latest redemption of your reward details that seems to be without your authorization,” GM stated in a data breach notification sent to impacted shoppers.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


A credential stuffing attack is a cyber-attack in which credentials attained from a former data breach on a single provider are utilised to attempt to log in to yet another unrelated company.

“Dependent on the investigation to day, there is no proof that the log in information was received from GM alone,” GM claimed in a different data breach notification.

“We consider that unauthorized events received entry to buyer login qualifications that were being previously compromised on other non-GM internet sites and then reused individuals credentials on the customer’s GM account.”

The individual information and facts of affected shoppers features initially and last names, personal email addresses, dwelling addresses, usernames and phone figures for registered relatives users tied to the account, previous recognized and saved favorite site info, at this time subscribed OnStar package (if applicable), family members’ avatars and photos (if uploaded), profile shots and search and spot information and facts.

Other facts out there to hackers provided auto mileage background, service heritage, emergency contacts and Wi-Fi hotspot configurations (including passwords).

Aside from resetting their passwords, GM advised afflicted men and women to ask for credit score reports from their banking companies and location a security freeze if expected.

GM also confirmed that hackers redeemed client reward points for present playing cards in specific conditions.

GM operates an on the web platform that helps homeowners of Chevrolet, Buick, GMC, and Cadillac automobiles manage their expenses and redeem rewards factors.

GM included that it will be restoring rewards details for all affected shoppers.


Some components of this posting are sourced from:
www.infosecurity-magazine.com

Previous Post: «microsoft warns of web skimmers mimicking google analytics and meta Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code
Next Post: Conti Ransomware Operation Shut Down After Splitting into Smaller Groups conti ransomware operation shut down after splitting into smaller groups»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Cybercriminals Using New ASMCrypt Malware Loader Flying Under the Radar
  • Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm
  • Post-Quantum Cryptography: Finally Real in Consumer Apps?
  • Microsoft’s AI-Powered Bing Chat Ads May Lead Users to Malware-Distributing Sites
  • Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server
  • Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts
  • GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
  • China’s BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies
  • The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies
  • China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies

Copyright © TheCyberSecurity.News, All Rights Reserved.