KiwiRail, BHP Newman Operations, Teletrac Navman and Aldi Stores Australia: Exclusive: Client GPS data potentially exposed in alleged Teletrac Navman breach

KiwiRail, BHP Newman Operations, Teletrac Navman and Aldi Stores Australia: Exclusive: Client GPS data potentially exposed in alleged Teletrac Navman breach

Teletrac Navman Suffers Major Data Breach: Fleet Telemetry Data of 2,988 Organizations Exposed

A threat actor operating under the alias laserscript has claimed to exfiltrate sensitive fleet telemetry data from Teletrac Navman, a global telematics provider headquartered in the U.S. with offices in Sydney and Melbourne. The breach, announced on 4 July, involves real-time GPS tracking data collected over a 48-hour period (27–28 June 2026) from the company’s production systems.

The stolen dataset allegedly includes:

  • 670,000+ position records from 2,988 organizations across Australia and New Zealand.
  • Data on 8,000+ drivers, including emails, mobile numbers, and 1,200+ driver’s licenses.
  • Vehicle registration details and continuous location updates for fleets.

Affected entities span government agencies and major corporations, including KiwiRail, Gold Coast City Council, Aldi Stores Australia, and BHP Newman Operations. The hacker has made the data available for sale, directing potential buyers to contact them via messaging platforms. A 1,500-line sample was also shared, leading to excessive downloads that exceeded the host’s 1,000-gigabyte monthly limit.

Teletrac Navman, a leading provider of fleet tracking solutions for sectors like trucking, government, and construction, has not yet responded to requests for comment. The company employs over 800 people and ranks among the top five global telematics firms. The full extent of the breach and its potential impact on affected organizations remain under investigation.

Source: https://www.cyberdaily.au/security/13865-exclusive-client-gps-data-potentially-exposed-in-alleged-teletrac-navman-breach

Teletrac Navman cybersecurity rating report: https://www.rankiteo.com/company/teletracnavman

KiwiRail cybersecurity rating report: https://www.rankiteo.com/company/kiwirail

ALDI Stores Australia cybersecurity rating report: https://www.rankiteo.com/company/aldi-stores-australia

BHP cybersecurity rating report: https://www.rankiteo.com/company/bhp

"id": "TELKIWALDBHP1783413728",
"linkid": "teletracnavman, kiwirail, aldi-stores-australia, bhp",
"type": "Breach",
"date": "6/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '2,988 organizations',
                        'industry': 'Telematics, Fleet Tracking',
                        'location': 'Global (Headquartered in U.S., offices in '
                                    'Sydney and Melbourne)',
                        'name': 'Teletrac Navman',
                        'size': '800+ employees',
                        'type': 'Company'},
                       {'industry': 'Rail Transport',
                        'location': 'New Zealand',
                        'name': 'KiwiRail',
                        'type': 'Government Agency/Corporation'},
                       {'industry': 'Municipal Services',
                        'location': 'Australia',
                        'name': 'Gold Coast City Council',
                        'type': 'Government Agency'},
                       {'industry': 'Retail',
                        'location': 'Australia',
                        'name': 'Aldi Stores Australia',
                        'type': 'Corporation'},
                       {'industry': 'Mining',
                        'location': 'Australia',
                        'name': 'BHP Newman Operations',
                        'type': 'Corporation'}],
 'attack_vector': 'Unknown',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': '670,000+ position records, '
                                              '8,000+ drivers',
                 'personally_identifiable_information': ['Emails',
                                                         'Mobile numbers',
                                                         'Driver’s licenses'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['GPS tracking data',
                                              'Driver personal information',
                                              'Vehicle registration details']},
 'date_detected': '2026-06-28',
 'date_publicly_disclosed': '2026-07-04',
 'description': 'A threat actor operating under the alias *laserscript* has '
                'claimed to exfiltrate sensitive fleet telemetry data from '
                'Teletrac Navman, a global telematics provider. The breach '
                'involves real-time GPS tracking data collected over a 48-hour '
                'period (27–28 June 2026) from the company’s production '
                'systems. The stolen dataset includes 670,000+ position '
                'records from 2,988 organizations across Australia and New '
                'Zealand, data on 8,000+ drivers, vehicle registration '
                'details, and continuous location updates for fleets. The '
                'hacker has made the data available for sale.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage',
            'data_compromised': '670,000+ position records, driver data '
                                '(emails, mobile numbers, 1,200+ driver’s '
                                'licenses), vehicle registration details',
            'identity_theft_risk': 'High',
            'systems_affected': 'Fleet telemetry production systems'},
 'initial_access_broker': {'data_sold_on_dark_web': True},
 'investigation_status': 'Under Investigation',
 'motivation': 'Financial Gain',
 'ransomware': {'data_exfiltration': True},
 'references': [{'source': 'Cyber Incident Description'}],
 'threat_actor': 'laserscript',
 'title': 'Teletrac Navman Suffers Major Data Breach: Fleet Telemetry Data of '
          '2,988 Organizations Exposed',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.