Mitsubishi Motors Vietnam Customer Data Breached
A threat actor known as eroscloud has posted on a well-known hacking forum, claiming responsibility for breaching Mitsubishi Motors Vietnam’s customer database. The compromised data appears to include detailed personal information about vehicle owners, including names, phone numbers, physical addresses, vehicle information, and dealership communication logs.
Data for Sale
The post, which went live early Thursday morning. The actor is offering access to the database and has provided several samples showcasing the depth and sensitivity of the stolen information. Based on the samples reviewed by Leakd.com, each record includes:
- Full name and contact information of the customer
- Home address
- Vehicle license plate and VIN
- Vehicle model and mileage (KM)
- Service interaction logs: including attempted call outcomes, appointment statuses, and next contact dates
Threat Actor and Exposure Scale
The poster, eroscloud, labeled the listing with “Customer Number: 31759,” potentially hinting that over 31,000 customer records may be compromised. The post directs interested buyers to Telegram and a support handle, suggesting this is part of a broader data sale campaign.
Risks and Repercussions
This leak poses significant privacy and safety risks to Mitsubishi customers in Vietnam. With full contact information, VINs, and scheduled service appointments exposed, customers may be vulnerable to:
- Targeted phishing scams
- Identity theft
- Automotive theft
- Unwanted calls or harassment
Moreover, the inclusion of dealership service notes and call outcomes indicates that internal Mitsubishi operational systems have been accessed.
As of the time of writing, Mitsubishi Motors Vietnam has not released an official statement regarding the breach.
Disclaimer
Leakd.com does not engage in the exfiltration, downloading, hosting, viewing, reposting, or disclosure of any stolen or illegally obtained information. All breach data reported here is sourced from publicly available threat intelligence sources and cybercriminal forums for public awareness and research purposes only.