Cyber Attack

Ford’s Data Breach Linked to a Third-Party Supplier

SecurityAffairs

Threat Actor: IntelBroker, EnergyWeaponUser | IntelBroker, EnergyWeaponUser
Victim: Ford Motor Company | Ford Motor Company
Price: Not disclosed
Exfiltrated Data Type: Customer Names, Physical Locations, Bought Product

Key Points :

  • Ford confirmed that its systems and customer data were not compromised.
  • The breach involved a third-party supplier and exposed 44,000 customer records.
  • Compromised data includes customer names, physical addresses, and purchase information.
  • IntelBroker has a history of stealing data from high-profile organizations.
  • Ford stated that the issue has been resolved and involved publicly available dealer business addresses.

Ford investigates a data breach linked to a third-party supplier and pointed out that its systems and customer data were not compromised.

Ford investigation investigated a data breach after a threat actors claimed the theft of customer information on the BreachForums cybercrime.

On November 17, threat actors IntelBroker and EnergyWeaponUser published a post on BreachForums announcing they have stolen 44,000 Ford customer records.

Below is the announcement published by the duo on the cybercrime forum:

Ford

Breached by @IntelBroker & @EnergyWeaponUser

In November 2024, Ford Motor Company, an American multinational automobile company, suffered a data breach. It exposed 44k records of Customer Names, Physical Locations, Bought Product.

Compromised user data: Customer Names, Physical Locations, Bought Product”

Compromised data include names, physical addresses, and purchase info.  

Ford provided the following statement to the media [1,2], it confirmed that threat actors did not hack its systems.

“Ford’s investigation has determined that there was no breach of Ford’s systems or customer data. The matter involved a third-party supplier and a small batch of publicly available dealers’ business addresses. It is our understanding that the matter has now been resolved.”a Ford spokesperson told media.

IntelBroker is known to have stolen data from multiple high-profile organizations, including Cisco, Europol, DC Health Link, Volvo Cars, and HPE.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)

SHARE THIS STORY

WhatsAppX (Twitter)TelegramBlueskyFacebookLinkedInThreadsEmailPrint