Jaguar Land Rover Allegedly Hacked - Threat Actor Leaked 700 Internal documents

The inclusion of source code, a critical asset for automotive companies suggests that proprietary algorithms governing driver-assistance systems, infotainment platforms, or electric vehicle battery management may have been exfiltrated. A threat actor on a popular dark web forum, Rey, claims to have obtained internal data from Jaguar Land Rover, a British multinational automotive company specializing in luxury and off-road vehicles. If verified, the incident could represent one of the most significant cybersecurity threats to the luxury vehicle manufacturer, with implications for both intellectual property security and employee privacy. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. While financial data or customer information does not appear to be part of this leak, the exposure of internal communications and technical specifications raises concerns about industrial espionage. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. Modern vehicles’ reliance on interconnected software systems often managed through third-party vendors creates expansive attack surfaces for threat actors. The leaked data’s technical nature particularly the inclusion of tracking datasets—could also benefit competitors seeking insights into JLR’s autonomous driving or telematics systems. Cybersecurity analysts speculate that the breach likely originated from a compromised corporate server or cloud repository, given the volume and diversity of the data. These datasets often contain granular details about vehicle performance, geolocation patterns, and sensor outputs, which are instrumental in refining machine learning models for self-driving technologies. For example, threat actors like ALPHV/BlackCat have historically demanded payments in exchange for withholding proprietary code from public release. She is covering various cyber security incidents happening in the Cyber Space. For employees, credential monitoring and security awareness training are critical to mitigating follow-on attacks.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 12 Mar 2025 07:50:18 +0000

Cyber News related to Jaguar Land Rover Allegedly Hacked - Threat Actor Leaked 700 Internal documents

Jaguar Land Rover Allegedly Hacked - Threat Actor Leaked 700 Internal documents - The inclusion of source code, a critical asset for automotive companies suggests that proprietary algorithms governing driver-assistance systems, infotainment platforms, or electric vehicle battery management may have been exfiltrated. A threat actor ...
3 months ago Cybersecuritynews.com

TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793 - As part of this analysis, we look at threat actor TTPs employed throughout the intrusion and how they were identified and pieced together by the FortiGuard IR team. The following section of this report focuses on the activities of one of these threat ...
1 year ago Feeds.fortinet.com CVE-2023-42793 APT29

Windows Incident Response: Human Behavior In Digital Forensics, pt III - Digital forensics can provide us insight into a threat actor's sophistication and situational awareness, which can, in turn, help us understand their intent. Observing the threat actor's actions helps us understand not just their intent, but what ...
1 year ago Windowsir.blogspot.com

Lets Open(Dir) Some Presents: An Analysis of a Persistent Actor's Activity - By analyzing tools, logs and artifacts left open to the internet, we were able to profile the threat actor and their victims. After analyzing the artifacts we can conclude with moderate confidence that the majority of the threat actor activity ...
1 year ago Thedfirreport.com

Jaguar Land Rover Breached by HELLCAT Ransomware Group using Jira Credentials v - Under the nickname “APTS,” a second threat actor surfaced on the forum with a thread of his own, claiming to have gained access to JLR’s systems and stolen an even greater quantity of data from the organization by using the same ...
3 months ago Cybersecuritynews.com

Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours - In late December 2022, we observed threat actors exploiting a publicly exposed Remote Desktop Protocol host, leading to data exfiltration and the deployment of Trigona ransomware. On Christmas Eve, within just three hours of gaining initial access, ...
1 year ago Thedfirreport.com Trigona

New Tool Set Found Used Against Organizations in the Middle East, Africa and the US - Unit 42 researchers observed a series of apparently related attacks against organizations in the Middle East, Africa and the U.S. We will discuss a set of tools used in the course of the attacks that reveal clues about the threat actors' activity. We ...
1 year ago Unit42.paloaltonetworks.com

HellCat hackers go on a worldwide Jira hacking spree - The Swiss company did not provide technical details about the breach but targeting the Jira ticketing system has become a common attack method for the HellCat hackers. Rey, a member of the HellCat hacking group, told BleepingComputer that they stole ...
3 months ago Bleepingcomputer.com

Threat actors misuse OAuth applications to automate financially driven attacks - Threat actors are misusing OAuth applications as an automation tool in financially motivated attacks. Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious ...
1 year ago Microsoft.com

Europol confirms web portal breach, says no operational data stolen - Europol, the European Union's law enforcement agency, confirmed that its Europol Platform for Experts portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only documents containing ...
1 year ago Bleepingcomputer.com

APT trends report Q1 2024 - Careto is a highly sophisticated threat actor that has been seen targeting various high-profile organizations since at least 2007. The last operations conducted by this threat actor were observed in 2013. Our private report provided a detailed ...
1 year ago Securelist.com OilRig Sidewinder

Virustotal Shares New Ideas to Track Threat Actors - In a recent presentation at the FIRST CTI in Berlin and Botconf in Nice, VirusTotal unveiled innovative methods to track adversary activity by focusing on images and artifacts used during the initial stages of the kill chain. Traditionally, threat ...
1 year ago Cybersecuritynews.com APT28

Hacker leaks millions of new 23andMe genetic data profiles - A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. Earlier this month, a threat actor leaked the stolen data of 1 million Ashkenazi Jews who used 23andMe ...
1 year ago Bleepingcomputer.com Rocke Hunters

Staying ahead of threat actors in the age of AI - At the same time, it is also important for us to understand how AI can be potentially misused in the hands of threat actors. In collaboration with OpenAI, today we are publishing research on emerging threats in the age of AI, focusing on identified ...
1 year ago Microsoft.com Kimsuky

Oracle customers confirm data stolen in alleged cloud breach is valid - Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor ...
2 months ago Bleepingcomputer.com

US SEC's X account hacked to announce fake Bitcoin ETF approval - The X account for the U.S. Securities and Exchange Commission was hacked today to issue a fake announcement on the approval of Bitcoin ETFs on security exchanges. The announcement came this afternoon in a now-deleted tweet from the SEC's hacked X ...
1 year ago Bleepingcomputer.com

Threat Actor Leaked Data from Major Bulletproof Hosting Medialand - A significant data breach occurred when an unidentified threat actor leaked internal data from Medialand, a major bulletproof hosting (BPH) provider with extensive ties to cybercriminal operations worldwide. ????️ On March 28, 2025, a threat actor ...
2 months ago Cybersecuritynews.com

Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets - Infostealers infect computers, steal all of the credentials saved in the browser along with active session cookies and other data, then export it back to command and control infrastructure before, in some cases, self-terminating. This article will ...
1 year ago Bleepingcomputer.com

Proofpoint Exposes Sophisticated Social Engineering Attack on Recruiters That Infects Their Computers With Malware - Recruiters and anyone else involved in hiring processes should be knowledgeable about this social engineering attack threat. A new report from U.S.-based cybersecurity company Proofpoint exposes a new attack campaign operated by a ...
1 year ago Techrepublic.com

Threat Intelligence Feeds Flood Analysts With Data, But Context Still Lacking - By combining external threat data with internal risk assessments, contextual threat intelligence helps organizations measure the risk level of alerts or vulnerabilities in relation to their business and technical assets, ensuring that the most ...
2 months ago Cybersecuritynews.com

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks - Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet, that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for ...
1 year ago Microsoft.com

How to Overcome the Most Common Challenges with Threat Intelligence - Today's typical approach to threat intelligence isn't putting organizations in a place to do that. Instead, many threat intelligence tools are delivering too much uncurated and irrelevant information that arrives too late to act upon. Organizations ...
1 year ago Cyberdefensemagazine.com Hunters

Hellcat Ransomware Group Hacked Ascom Technical Ticketing System - The attack represents the latest in a global hacking spree targeting Jira servers, with Hellcat employing their signature method of exploiting compromised credentials to gain unauthorized access to sensitive corporate infrastructure. Jira, a project ...
3 months ago Cybersecuritynews.com

What Is Threat Modeling? - Threat modeling emerges as a pivotal process in this landscape, offering a structured approach to identify, assess, and address potential security threats. Threat Modeling Adoption and Implementation The successful adoption of threat modeling within ...
1 year ago Feeds.dzone.com