Breach cyber

Zoomcar Holdings, Inc.

Jun 16, 2025 1 min read
Zoomcar Holdings, Inc.

Zoomcar Holdings, Inc. suffered a significant cybersecurity breach compromising the sensitive personal information of approximately 8.4 million users. The incident, discovered on June 9, 2025, exposed names, phone numbers, vehicle registration details, personal addresses, and email addresses. The breach targeted a specific dataset containing personally identifiable information (PII) rather than the entire infrastructure. While financial information and plaintext passwords remained secure, the exposed data could be used for identity theft, social engineering, or phishing attacks. Zoomcar activated its incident response plan, implemented containment measures, and engaged third-party specialists to enhance security controls.

Source: https://cybersecuritynews.com/zoomcar-hacked/

TPRM report: https://scoringcyber.rankiteo.com/company/zoomcar-india-pvt-ltd-

"id": "zoo610061625",
"linkid": "zoomcar-india-pvt-ltd-",
"type": "Breach",
"date": "6/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 8400000,
                        'industry': 'Mobility',
                        'name': 'Zoomcar Holdings, Inc.',
                        'type': 'Company'}],
 'attack_vector': ['Unauthorized Access', 'Advanced Persistent Threat (APT)'],
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': 8400000,
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['PII']},
 'date_detected': '2025-06-09',
 'description': 'Car-sharing giant Zoomcar Holdings, Inc. has disclosed a '
                'significant cybersecurity incident that compromised sensitive '
                'personal information of approximately 8.4 million users.',
 'impact': {'data_compromised': ['Names',
                                 'Phone Numbers',
                                 'Vehicle Registration Details',
                                 'Personal Addresses',
                                 'Email Addresses'],
            'identity_theft_risk': 'High',
            'payment_information_risk': 'Low'},
 'investigation_status': 'Ongoing',
 'motivation': 'Data Theft',
 'post_incident_analysis': {'root_causes': ['Vulnerabilities in access control '
                                            'mechanisms and network '
                                            'segmentation protocols']},
 'references': [{'source': 'SEC Form 8-K filing'}],
 'regulatory_compliance': {'regulatory_notifications': 'Yes'},
 'response': {'containment_measures': ['Isolating affected systems',
                                       'Implementing additional network '
                                       'monitoring tools'],
              'enhanced_monitoring': 'Yes',
              'incident_response_plan_activated': 'Yes',
              'remediation_measures': ['Comprehensive security audits across '
                                       'their cloud infrastructure'],
              'third_party_assistance': 'Yes'},
 'title': 'Zoomcar Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': ['Access Control Mechanisms',
                             'Network Segmentation Protocols']}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.