BMW Concessionaires, the luxury car brand's exclusive distributor in Hong Kong, had nearly 14,000 of its customers' information compromised following a breach of its third-party contractor Sanuker, according to The Cyber Express.
Included in the impacted data were names, mobile numbers, and SMS opt-out preferences, said BMW Concessionaires in a statement to Hong Kong's Office of the Privacy Commissioner for Personal Data. While BMW has been urged by the agency to immediately inform individuals affected by the incident, the automaker's response has resulted in dissatisfaction among customers. "It's a pretty serious breach where a lot of confidential data has gone. There could be all sorts of consequences for fraud and scams based on the customer information," said Michael Gazeley of Hong Kong cybersecurity firm Network Box. Such a development comes months after BMW had its development environment compromised by the 888 threat operation through the exploitation of a misconfigured Microsoft Azure-hosted cloud storage server.