RestorePrivacy

Resources to stay safe and secure online

Threat Actor Claims Breach on American Moving Firm U-Haul, Leaks Employee Data Online

By 1 Comment
Threat Actor Claims Data Breach on American Moving Firm U-Haul

A threat actor using the moniker ‘D3m0n’ has posted over 13 GB of data allegedly belonging to American trucking giant U-Haul.

U-Haul is an Arizona-based moving truck company employing 19,500 people, with an annual revenue of over $4 billion USD. The company maintains a strong presence across the United States, operating over 17,000 service points.

Over the weekend, Breach forums user D3m0n leaked what they claim to be the firm’s Sharepoint database containing data on every employee of the firm. Specifically, the files leaked by the cybercriminal contain full names, phone numbers, email addresses, and job titles of employees of U-Haul. D3m0n has also linked to their own website that contains a copy of the files among data packs from previous breaches.

Data leaked for free on a hacking forum
RestorePrivacy

During a review of the leaked data, RestorePrivacy saw entries that concern high-ranking executives, including General Managers, department managers, etc. The exposure impacts workers, sales agents, maintenance specialists, assistants, customer care representatives, drivers, warehouse personnel, technicians, system administrators, inspectors, network managers, software developers, and others.

Employee information contained in the leaked data
RestorePrivacy

The main risks that arise from this massive data exposure for U-Haul are phishing, social engineering attacks, and BEC (business email compromise). Also, the leaked email addresses make it easier for threat actors to perform brute-forcing to guess account passwords or use leaked credentials from other breaches to hijack the accounts. Such a compromise would open the way to lateral phishing, potentially targeting more valuable accounts within the organization.

Other data found in the 13 GB pack include retail documents, staff payments, conference presentations, IT alerts and notifications, acquisition and project documents, software development data, and many more.

The data leak seems credible, but the company has yet to publicly acknowledge any breach. We reached out to several individuals listed in the leaked documents, and some verified their positions and email addresses. This strongly suggests a potential breach at U-Haul, although definitive confirmation is still pending.

RestorePrivacy has contacted U-Haul both via email and phone to request a comment on the validity of the data breach claims, and we will update this post once we receive a response.

Further reading:

About Heinrich Long

Heinrich is an associate editor for RestorePrivacy and veteran expert in the digital privacy field. He was born in a small town in the Midwest (USA) before setting sail for offshore destinations. Although he long chafed at the global loss of online privacy, after Edward Snowden’s revelations in 2013, Heinrich realized it was time to join the good fight for digital privacy rights. Heinrich enjoys traveling the world, while also keeping his location and digital tracks covered.

Reader Interactions

Comments

  1. Anon

    What I don’t understand is why d3m0n just gave all that info for free instead of ransoming it. Anyone know why?

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *