Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Audi, Volkswagen Customer Data Being Sold on a Hacking Forum

Audi, Volkswagen Customer Data Being Sold on a Hacking Forum

Audi and Volkswagen customer data is being sold on a hacking forum after allegedly being stolen from an exposed Azure BLOB container.

Last week, the Volkswagen Group of America, Inc. (VWGoA) disclosed a data breach after a vendor left customer data unsecured on the Internet between August 2019 and May 2021.

“The data included some or all of the following contact information about you: first and last name, personal or business mailing address, email address, or phone number,” disclosed VWGoA in a data breach notification.

“In some instances, the data also included information about a vehicle purchased, leased, or inquired about, such as the Vehicle Identification Number (VIN), make, model, year, color, and trim packages.”

The data breach involved 3.3 million customers for Audi, Volkswagen, and some authorized dealers in the USA and Canada.

Also Read: Data Protection Officer Singapore | 10 FAQs

Stolen data sold on a hacking forum

On June 14th, a known seller of data stolen during data breaches put the Audi and Volkswagen data up for sale on a popular hacking forum.

According to a post on the forum, the sold data consists of over 5 million records, with 3,862,231 records being leads and 1,792,278 records in the sales database.

Audi data for sale on a hacking forum
Audi data for sale on a hacking forum

While the leads database contains contact information and phone numbers for prospective buys, the seller states that the sales database contained a great deal more information, including VINs, business numbers, information about the driver, and vehicle information.

According to Vice, who first reported on the sale of this data, the hacker said they accessed the exposed data in March after finding it in an unsecured Azure Blob container.

The hackers are asking between $4,000 and $5,000 for all of the records and said the database does not contain any customers’ social security numbers.

Also Read: The DNC Singapore: Looking at 2 Sides Better

The threat actor had previously told BleepingComputer that they were selling the database for a VPN service provider with multiple Android apps on the Google Play Store for $1,000.

They also claimed responsibility for a data breach at the popular recipe site, Copy Me That.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us