Buchbinder data leak: 3 million customers of the car rental company affected

Buchbinder data leak discovered! Now it has the "market leader in the private customer segment"ent cars and trucks in Germany and Austria ”- and with him 3 Buchbinder data leak - leak at the car rental companyMillions of customers: Due to an error, sensitive customer data from Buchbinder was public on the Internet for weeks. A total of 10 terabytes of data such as invoices, emails, contracts, etc. were affected by the Buchbinder data leak. This is reported by “Die Zeit” and “c't”.

Buchbinder data leak discovered during routine checks

The Buchbinder data leak was discovered by IT security professional Matthias Nehls for routine checks. Conscientiously, the company turned to Buchbinder directly. Email twice. However, according to Nehls, without reaction. For this reason, the expert's next step was towards the two media and the Bavarian State Data Protection Officer. “Die Zeit” and “c`t” in turn turned to Buchbinder - the following comment then reached the media regarding the Buchbinder data leak:

"Immediately after becoming aware of the facts, we promptly arranged for the corresponding ports to be closed by our contract partner, who was responsible for maintaining and securing the servers."

Buchbinder data leak caused by configuration errors

A configuration error in a backup server is said to be behind the Buchbinder Leak. This made it possible for accounts to be accessible without a password and for data to be extracted. However, only if you knew the exact IP address and were looking for unprotected servers on the network. It is not (yet) clear whether hackers can actually exploit the Buchberger leak. In any case, prominent Germans as well as the Bundeswehr and the police are among the 3 million customers affected. The Buchbinder data leak also affects customers of other rental portals.

Buchbinder Leak revealed addresses, names etc. - from over 15 years!

The 10 terabytes of data accessible through the error and the Buchbinder data leak contained a lot of sensitive information - and that from a period of over 15 years: correspondence with customers, invoices, photos of damage to vehicle genes and contracts included the data from the bookbinder leak. In the latter of course there was a lot of personal information such as names, addresses, birthdays etc.

Are you a Buchbinder customer? Check whether your data was / are at risk!

You can clarify whether you are affected by the Buchbinder data leak by contacting the company directly: datenschutz@buchbinder.de. If you have rented vehicles there in recent years, you should definitely send an inquiry! So far it is not clear whether the Buchbinder data leak has been used by cybercriminals and whether customer data has been compromised. In general, you should ensure that you are always on the safe side online - preferably with one Top combination of browser & VPN.


Created on:01/22/2020

Leave a Comment