Europcar denies data breach affecting 50 million customers — says ChatGPT is to blame in creating fake data

Key Takeaways:

– Europcar denies the existence of a data breach affecting millions of its customers
– A threat actor claimed to be selling a database containing the records of 50 million Europcar customers
– Europcar suspects the data was spoofed using AI tools, citing mismatches in addresses, names, and email addresses
– The company states that none of the email addresses in the dataset are present in their database
– Some addresses and phone numbers in the dataset belong to US regions, while the corresponding email addresses are foreign
– Troy Hunt, creator of HaveIBeenPwned, believes the data is fake but not necessarily AI-generated
– Fabricated breaches have existed for a long time and can be created using various services for different purposes.

TechRadar:

Europcar has said that a data breach affecting millions of its customers is fake. 

A threat actor was discovered selling a database on a well-known underground forum which they claimed holds the records of close to 50 million customers of the car rental firm. The sample they shared shows apparent names, addresses, license numbers, and bank details among the information.

Source link

AI Eclipse TLDR:

Europcar has denied that a data breach affecting millions of its customers is real. A threat actor claimed to have a database containing the records of nearly 50 million Europcar customers and was attempting to sell it on an underground forum. The sample provided by the threat actor included names, addresses, license numbers, and bank details. However, Europcar stated that the breach is fake and suggested that the data was likely spoofed using AI tools like ChatGPT. The company pointed out several inconsistencies in the data, such as non-existent addresses, mismatched ZIP codes, and unusual top-level domains in email addresses. Europcar also stated that none of the email addresses in the dataset are present in their database. Cybersecurity expert Troy Hunt, the creator of HaveIBeenPwned, believes the data is fake but noted that some of the email addresses have appeared in previous unrelated data breaches. He also mentioned that fabricated breaches have been happening for a long time and not just because of the current AI boom. Various services can easily create fake datasets for purposes like creating XML documents and anonymizing data.