‘UCAR,’ the French car rental platform that operates a network of over 150 agencies in mainland France and overseas territories, has announced the news about a cyber-attack that took place at the start of the year. The company stated that the investigation aimed to analyze the nature and impact of the attack is still underway, with the help of a forensic expert firm whom they contracted.
In the meantime, the services remain up and available for all clients, as the company has restored from a backup, which is the element that clearly indicates a ransomware attack.
Customers didn’t experience any service interruption, so the restoration was prompt. However, the hackers may have exfiltrated data, which is typical for this type of attack. If that’s the case, we will most probably learn more about it in ten days or so, when the first data samples will leak on the dark web, and the extortion process will intensify.
That is, if UCAR doesn’t pay the actors the ransom they’re demanding. Since this has gone public from UCAR themselves, our guess is that they’re not planning to negotiate a payment with the ransomware actors.
The main issue here is the stolen data, which could involve several sensitive details. To rent a car, one typically has to produce a national ID or passport, a driving license, and debit or credit card details to cover the rental’s security deposit and cost.
In some cases, customers are required to also provide proof of return travel and accommodation information. If UCAR was storing this data in the compromised systems, and if that data wasn’t encrypted, we may soon see a very severe data leak affecting tens of thousands of individuals.
An incident of this extent could also incur large fines by the French data protection office, in accordance with the GDPR. Car rental services like UCAR aren’t going through the best of times right now as the pandemic has crippled their business and greatly decreased reservations. UCAR covers professionals with utility rentals too, but movement restrictions have negatively affected that part of the business.