News Heading - 1

Europcar Rebuffs Hacked Data as AI Generated

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

Global car rental company Europcar refuted data leak claims, stating that the advertised personal information of nearly 50 million customers is fake.

On January 28, a user of a popular hacking forum claimed to be selling information for 48,606,700 Europcar customers. The post included a sample of alleged stolen data, including names, complete address, birth and passport details, driver’s license number, and other information.

After a threat intelligence service notified it about the breach, Europcar verified the data. The company dismissed it as false, stating that it was probably generated using generative AI tools like ChatGPT.

The company went on to say:

– ‘’the number of records is completely wrong & inconsistent with ours,

– the sample data is likely ChatGPT-generated (addresses don’t exist, ZIP codes don’t match, first name and last name don’t match email addresses, email addresses use very unusual TLDs),

– and most importantly: none of these email addresses are present in our database.”

However, Troy Hunt of Have I Been Pwned does not believe that the data was generated using artificial intelligence, despite much of it being false.

According to him, there is a mismatch between the listed individuals’ names and corresponding email addresses and usernames. Moreover, some of the addresses are non-existent. ‘’But many of the physical addresses are fake – they just don’t exist. They’re generated,’’ Hunt wrote on X (previously Twitter).

Nevertheless, he pointed out that not all email addresses were false, some emails in the datasets were real. They appeared in previous breaches, monitored by the site, Have I Been Pwned.

While one cannot rule out the use of generative-AI in cyber-attacks and online scams, this data leak incident is not a result of this.

‘’We’ve had fabricated breaches since forever because people want airtime or to make a name for themselves or maybe a quick buck. Who knows, it doesn’t matter, because none of that makes it “AI” and seeking out headlines or sending spam pitches on that basis is just plain dumb,’’ Hunt explained.

News Heading - 2

Schneider Electric’s Sustainability Business Suffers Ransomware Attack

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

French energy management and industrial automation giant Schneider Electric, in a public announcement, revealed a ransomware attack on its Sustainability Business division.

The company said the incident disrupted operations of some division specific systems, including Resource Advisor, its cloud-based sustainability and energy management platform.

The attack which took place on January 17, 2024 is claimed by the Cactus ransomware group, and it is believed to have resulted in significant amounts of corporate data theft as well. However, on its TOR site, the gang is yet to add Schneider to its list of victims.

Although details of the stolen data are yet to be shared, Schneider has notified the impacted customers of the incident. Known to provide consulting services to enterprises like PepsiCo, Walmart, DuPont, and Hilton, the Sustainability division helps organizations with their energy efficiency projects and energy procurement.

‘’The on-going investigation shows that data have been accessed. As more information becomes available, the Sustainability Business division [..] will continue the dialogue directly with its impacted customers and [..] provide information and assistance as relevant,’’ Schneider stated .

Immediately after discovery, the company deployed containment measures to ‘’contain the incident and reinforce existing security measures.’’

In the January 29th notification, the company reassured its various stakeholders that no other division within the Schneider Electric group was affected, as the Sustainability Business, an autonomous entity, operates its own isolated network infrastructure.

To analyze the impact of the security incident, the company continues to work with relevant authorities and has also availed services of leading cybersecurity firms.

Previously, Schneider Electric was targeted by the Cl0p ransomware group. The company was one of the many victims of the widespread MOVEit attack, which is said to have impacted approximately 2,611 organizations worldwide.

Active since March 2023, Cactus ransomware is known to adopt the double-extortion technique and has added numerous enterprises to its list of victims.