Jump to content

Test data leak from ABRP server


Bo-ABRP

5,825 views

Yesterday (April 20th 2021) we became aware that one of our development servers - not used for the public ABRP service - had been attacked by somebody who deleted data from one of the databases and requested a ransom to give it back, or else expose it. The test database was exposed due to a human mistake.

The data in the database consisted of randomly selected anonymous vehicle live data recordings. The data was collected from actual drives or charging sessions,  and contains location, speed, SoC, power, weather data and car model. 

The leaked data does NOT contain any personal data - only pure, anonymous vehicle data. It does NOT contain any names, vehicle identity numbers, credit card numbers, passwords, e-mail addresses, live data tokens (from e.g. Tesla) or anything else that could cause damage if published.

ABRP takes your privacy and data security very seriously. We have designed our systems and databases in a way to minimize risk and damage in case of, e.g. a hacker attack. Our production servers (used for our public service) are protected in the best way we can with very restricted access. 

We have taken and will continue to take necessary actions to make sure this does not happen again.

Bo and the ABRP team

2 Comments


Recommended Comments

Guest DaveD

Posted

Strange that I had an unrequested password reset email a couple of days ago....

Link to comment

We had no personal data at all in that database, so we would have to assume that that password reset email was a coincidence. If you want we can investigate the logs for you and see what/who triggered it?

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...