August 12, 2020

Volume X, Number 225

August 11, 2020

Subscribe to Latest Legal News and Analysis

August 10, 2020

Subscribe to Latest Legal News and Analysis

500,000 Car Owner Records found on Dark Web

Intelligence experts KELA recently announced that almost 500,000 customer records of different car suppliers were being offered for sale on the dark web by hacking group “KelvinSecurity Team”.

According to reports, almost 400,000 UK based BMW customers’ data is being sold on the online black market. This data includes the initials and surnames of car owners, home addresses, email addresses, the names of dealerships and car-registration information. The data of Mercedes, SEAT, Honda and Hyundai car owners also form part of the compromised customer records.

Analysis of the records by KELA revealed the hackers may have extracted the data from a UK based BMW car dealer or a call centre that manages customers of different car suppliers.

This data breach highlights the common tactic hackers employ by targeting a “weak link” in an organisation’s supply chain to gain unauthorised access to customer data. To mitigate the risk of a third party supplier or group entity becoming the “weakest link” in your supply chain, we recommend:

  • conducting due diligence on potential suppliers or group entities to assess their privacy compliance and information security procedures;
  • including robust privacy and data security clauses in your agreement with suppliers; and
  • working with your suppliers or group entities to improve their overall privacy capability and cyber resilience, such as conducting training and raising awareness of the privacy and information security standards you expect of your suppliers or group entities.
Copyright 2020 K & L GatesNational Law Review, Volume X, Number 192


About this Author

Cameron Abbott, Technology, Attorney, Australia, corporate, KL Gates Law Firm

Mr. Abbott is a corporate lawyer who focuses on technology, telecommunications and broadcasting transactions. He assists corporations and vendors in managing their technology requirements and contracts, particularly large outsourcing and technology procurements issues including licensing terms for SAP and Oracle and major system integration transactions.

Mr. Abbott partners with his clients to ensure market leading solutions are implemented in to their businesses. He concentrates on managing and negotiating complex technology solutions, which...

Keely O'Dowd, K&L Gates, attorney, Melbourne

Ms. O'Dowd is an experienced lawyer with a focus on technology and sourcing projects. She advises on a broad range of technology transactions, including procurement, outsourcing and software licensing. This work includes drafting and advising on a range of IT procurement and supply agreements. Ms. O'Dowd advises a range of corporations on privacy and cybersecurity.