Leak at Norauto
On 2 December 2024, French automotive retailer Norauto disclosed a cyberattack on its vehicle-rental service that exposed personal data of about 78,000 customers, including names, contact details and, in some cases, ID-document numbers; the dataset was put up for sale on BreachForums.
- Victim
- Norauto
- records
- 78.0K
On 2 December 2024, Norauto — the French automotive parts, maintenance and services retailer — informed customers by email that it had been the victim of a cyberattack exposing personal data belonging to roughly 78,000 people. The company said the breach specifically targeted its vehicle-rental service rather than its full customer base.
The exposed data was drawn from information provided during rental transactions and varied by individual. Affected records reportedly included:
- First and last names
- Email addresses
- Postal addresses
- Phone numbers
- Identity-document numbers (in some cases)
Shortly after the disclosure, an actor advertised a dataset of about 78,000 Norauto records for sale on the BreachForums underground marketplace, reportedly for as little as €50. The figures and timing matched earlier claims circulating since September 2024, which some researchers linked to the "Frérots K" group.
Norauto said it had taken security measures to stop the leak and harden its systems, communicated with affected customers, and notified France's data-protection authority, the CNIL, as required by law.
Sources
- linformaticien.comhttps://www.linformaticien.com/magazine/cybersecurite/62768-fuite-de-donnees-78-000-comptes-clients-norauto-compromis.html
- auto-infos.frhttps://www.auto-infos.fr/article/les-donnees-de-78-000-clients-de-norauto-piratees-et-deja-en-vente.285000
- lsa-conso.frhttps://www.lsa-conso.fr/norauto-victime-a-son-tour-d-une-fuite-de-donnees-78-000-clients-concernes,458374
- francesoir.frhttps://www.francesoir.fr/societe-science-tech/norauto-vise-par-une-cyberattaque-fuite-des-donnees-de-78-000-clients