General Motors

American automaker General Motors was targeted in a credential stuffing attack in April 2022 after it noticed malicious login activity to customers’ accounts.

The attackers accessed customers’ personally identifiable information (PII) and redeemed reward points for gift cards.

The company deactivated the reward feature and notified the customers and law enforcement authorities and asked its customers to reset their passwords and monitor their credit reports for potential fraud.

Source: https://www.cpomagazine.com/cyber-security/hackers-accessed-car-owners-personal-information-in-general-motors-credential-stuffing-attack/

"id": "GEN13536622",
"linkid": "general-motors",
"type": "Cyber Attack",
"date": "04/2022",
"severity": "90",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"