According to a report from SC Magazine, the database being flogged to cybercrooks includes a whole host of sensitive data, such as the initials and surnames of car owners, their home addresses and email addresses, and the names of dealerships and car-registration information.
As per the report, the hackers claim that they got hold of the database via a call centre that works with a range of car manufacturers.
The database is believed to consist of 500,000 customer records dated from 2016 to 2018. These not only include the details of Brits who own BMW cars, but also owners of Mercedes, Honda, Hyundai and SEAT vehicles.
Speaking to SC Magazine, Kela researchers explained how the hacking group predominantly sells compromised data on underground forums. Last month, the hackers sold 16 databases that contained the information of contractors working for the U.S. government and weapons being created by the Russian armed forces.
Active on the dark web
But the group hasn’t just been looking to make money from stolen data. The hackers also made 28 databases freely available on the internet, with targets from countries like the U.S, Australia, France, Sweden, Indonesia, Iran and Mexico (according to SC Magazine).
A week ago, BleepingComputer reported that the group was selling compromised data from market research firm Frost & Sullivan. This information was left available for anyone to access online as a result of being stored in an insecure backup folder.
Jake Moore, a security specialist at ESET, warned that hackers could use such information to launch “rather convincing phishing campaigns masquerading as BMW or a partner organisation”.
“I would recommend any vehicle owner to be extremely cautious when opening emails suggesting they are from the likes of BMW and Mercedes from now on," Moore told Tom's Guide. "Phishing emails that request any further data can be used in conjunction with stolen data from the breach and could be used in a future attack or identity theft.
"It is now vital that all affected customers are extra vigilant whenever they receive unsolicited emails that appear to be from their manufacturer that request further information, personal, financial or otherwise as these could include links to well-crafted cloned websites.”