Rey, a threat actor on a well-known dark web forum, claims that it obtained internal information from Jaguar Land Rover, a multinational automotive corporation based in the United Kingdom that specialises in luxury and off-road automobiles.
In addition to a personnel database that exposes usernames, email addresses, display names, and time zones, the reportedly leaked dataset comprises almost 700 internal papers that contain sensitive development logs, tracking information, and source code.
About The Threat Actor
The attack, which took place earlier this month and involved the theft of 700 internal corporate records, is still under investigation. The data sample offered in the attackers’ post seems to be authentic, according to the Cybernews research team. Furthermore, the hacker who made the announcement is an experienced member in the underground data leak community and often posts authentic data leaks.
One of the top luxury automobile manufacturers in the world, Jaguar Land Rover (JLR), is dealing with a data breach after a hacker going by the name “Rey” uploaded private user and staff information to BreachForums. JLR is proactively managing and reducing the risks resulting from this incident, having acknowledged the security danger.
About The Data That Is Exposed
JLR’s corporate network may be vulnerable to advanced phishing operations or credential-stuffing attacks thanks to the employee database, which contains metadata like time zones and display names.
Although this leak does not seem to include financial or customer information, the disclosure of technical specifications and internal discussions raises questions about corporate surveillance.
To improve machine learning models for self-driving technology, these datasets frequently include extremely fine information about sensor outputs, geolocation trends, and vehicle performance. Since cybersecurity professionals have had trouble reaching the hacker, it is still unknown who they are and whether they are connected to any ransomware organisations. As of right now, there is no verified information regarding the usage of the stolen data.
A large personnel dataset has also been hacked, in addition to internal company records. Sensitive personal information such display names, email addresses, usernames, and time zone information are included in this collection. Affected employees run a serious danger of identity theft, phishing schemes, and other focused cyberattacks when this data is made public.
Internal Document Leaks Could Destroy Competitive Advantage
There may be serious consequences from Jaguar Land Rover’s recent security compromise. Competitors may obtain vital knowledge about the company’s strategic efforts, advances in technology, and future plans due to the disclosure of sensitive corporate documents, which might damage its place in the highly competitive motor vehicle industry.
