• Home
• Cars

Indian car-sharing marketplace Zoomcar has revealed that a hacker accessed the personal data of at least 8.4 million customers, including their names, phone numbers, and car registration numbers.

The Bengaluru-headquartered company identified the incident involving unauthorized access to its information systems on June 9, per its filing with the U.S. Securities and Exchange Commission. The company stated that it became aware of the incident after some of its employees received external communications from a threat actor who claimed to have gained access to the company’s data.

“Upon discovery, the company promptly activated its incident response plan,” said Zoomcar in its filing.

The company said there was “no evidence that financial information, plaintext passwords, or other sensitive identifiers” were compromised in the breach.

Responding to the incident, Zoomcar said it implemented “additional safeguards across the cloud and internal network, increasing system monitoring, and reviewing access controls,” without providing further details. The company also stated that it is engaging with third-party cybersecurity experts and has notified “appropriate regulatory and law enforcement authorities and is cooperating fully with their inquiries.”

However, Zoomcar has not yet said if it has informed affected customers about the incident, and whether it has any information about the hacker.

TechCrunch has reached out to Zoomcar, asking these questions and more, and will update this article when the company responds.