Hackers compromise AutoNation websites, capture payment card data, other info

Share this article:

National automobile retailer AutoNation is notifying an undisclosed number of customers that their payment card data, as well as other information, may have been captured by hackers that compromised AutoNation websites hosted and operated by TradeMotion.

How many victims? Undisclosed. 

What type of personal information? Names, addresses, phone numbers, email addresses and payment card information.

What happened? Hackers were able to capture personal information after compromising AutoNation websites hosted and operated by TradeMotion.

What was the response? TradeMotion contacted the FBI and an investigation is ongoing. TradeMotion stated that the software used by the hackers to capture the information has been removed. TradeMotion is conducting penetration testing and is monitoring its systems for ongoing activity. All impacted individuals are being notified, and offered a free year of identity theft protection services. AutoNation is no longer processing card payments through TradeMotion.

Details: TradeMotion notified AutoNation on May 6. The hackers may have had access to the information from March 5 to May 2.

Source: doj.nh.gov, “Breach Notification Letter,” May 26, 2014.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

Malware on Breyer Horses website for about 18 months, payment card data ...

Malware installed on the computer server hosting the Breyer Horses website may have compromised personal information for people who made purchases between March 31, 2013 and Oct. 6.

Transcript website flaw exposed personal data on 98k users

NeedMyTranscripts.com expose users' names, addresses and dates of birth, among other information, due to a site flaw that one user discovered.

Sourcebooks payment card breach impacts more than 5,000 customers

More than 5,000 customers had personal information stolen, but roughly 9,000 notification letters were sent out as a precautionary measure.