Hackers compromise AutoNation websites, capture payment card data, other info

Share this article:

National automobile retailer AutoNation is notifying an undisclosed number of customers that their payment card data, as well as other information, may have been captured by hackers that compromised AutoNation websites hosted and operated by TradeMotion.

How many victims? Undisclosed. 

What type of personal information? Names, addresses, phone numbers, email addresses and payment card information.

What happened? Hackers were able to capture personal information after compromising AutoNation websites hosted and operated by TradeMotion.

What was the response? TradeMotion contacted the FBI and an investigation is ongoing. TradeMotion stated that the software used by the hackers to capture the information has been removed. TradeMotion is conducting penetration testing and is monitoring its systems for ongoing activity. All impacted individuals are being notified, and offered a free year of identity theft protection services. AutoNation is no longer processing card payments through TradeMotion.

Details: TradeMotion notified AutoNation on May 6. The hackers may have had access to the information from March 5 to May 2.

Source: doj.nh.gov, “Breach Notification Letter,” May 26, 2014.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.