Europcar Mobility Group has confirmed a breach of its GitLab repositories, leading to the theft of mobile app source code and personal data of customers, reports BleepingComputer. The incident, which occurred in late March, involved the unauthorized access and extraction of around 37GB of data, including SQL backups and application configuration files. The threat actor, operating under Europcar’s own name, claimed to have obtained all GitLab repositories, although investigations suggest only a portion was affected.
The stolen data primarily includes names and email addresses associated with Europcar’s Goldcar and Ubeeqo brands. Current assessments estimate that between 50,000 and 200,000 individuals may have been impacted, with some records dating back to 2017 and 2020. Europcar has stated that no financial information or passwords were compromised. The company is in the process of notifying affected customers and has informed the relevant data protection authority.
Screenshots shared by the attacker indicate that credentials were embedded within the stolen source code. While the exact method of breach is unknown, compromised credentials from prior infostealer incidents remain a likely vector. The situation follows a series of past security concerns for Europcar, including a false breach claim in 2023 and an exposed admin token in 2022.
As of now, Europcar is working to determine the full scope of the breach and secure its systems. The company has not commented on any potential disruptions to its operations but appears focused on mitigating further risk. This incident highlights ongoing challenges in securing code repositories and managing sensitive data across distributed systems.
