Autodoc Hacked

GiveMeABreak
Forum Admin Team
Posts: 40817
Joined: 15 Sep 2015, 19:38
x 6547


Just to advise members who have already ordered or may be thinking of ordering car parts from Autodoc that I have just been notified as of this post date that they have been hacked and subject to a Cyber Security Attack.

Be aware that the following companies are all part of Autodoc. Whether these other subsidiaries share the same database and are therefore exposed too I can't say, but it's probably a safe bet to assume they were.

autodoc.co.uk
bestpartstore.co.uk
buycarparts.co.uk
onlinecarparts.co.uk


Therefore I always recommend using an email alias for online shopping with organisations you don't trust well enough, so that you can always switch it off / delete it if necessary. A consequence of the stolen data is that you may likely receive scammer emails using your real details from data stolen from Autodoc, in order that they can convince you to provide more secure information to scam you. So beware!

I will post the Email for members to read:
CYBER SECURITY INFORMATION
Cyber attacks on companies and authorities are currently on the rise. Even with the implementation of professional security measures, attackers unfortunately succeed again and again in gaining access to the data and know-how of the organisations concerned. We are contacting you today because unfortunately Autodoc has also suffered a cyber attack.

1. WHAT HAPPENED?

Our cybersecurity team registered an attack in which the criminals managed to gain access to an internally used communication tool. Through this channel, the attackers were able to view personal data in the central customer management software and possibly copy it.

The cybersecurity team was able to promptly detect and stop the attack and prevent further data leaks, but unfortunately, based on what we currently know, it cannot be ruled out that your data was viewed and copied by the attackers.

The data concerned are extracts from the customer master data stored in the customer management system, in particular title, surname, first name, street, house number, postcode, city, country, email address, telephone number (mobile and/or landline) and the internally assigned customer number.

No other data is affected, in particular no access data, passwords, credit card data, bank data, credit balances, or order details.

All necessary measures were immediately taken by our experts and the forensic investigation of the cyber attack is ongoing. Our data protection team is working in coordination with the cybersecurity team on the legal processing and has initiated the necessary legal steps; the competent data protection supervisory authority has already been informed about the attack.

2. POSSIBLE CONSEQUENCES FOR YOU

The attackers or third parties to whom the information may have been passed on by the attackers are not able to access your customer account with the data in question, and no orders can be placed or data changed. It is also not possible to reset the password for the customer account, since this is done via your personal email account and its access data is known only to you.

However, it is conceivable that the data could be used to try to find out further information from you, for example by sending scam text messages, calls or emails, using the real data to fraudulently obtain confidential information such as passwords or TANs (known as phishing). It is also possible that criminals may impersonate you in order to gain an advantage for themselves or others or to harm you (i.e. identity theft).

3. OUR MEASURES

Our cyber security team reset all access data for the customer management system. Affected computers were forensically analysed and reset. If the internal communication service was affected, the access data was also reset. From a technical point of view, access to the customer management system was significantly strengthened by the introduction of new transport encryption measures and the connection filter configuration set to be stricter.

From an organisational point of view, as a precautionary measure, certain verification procedures are no longer being used in the customer care area and all employees with customer contact have been informed and sensitised accordingly.

We are keeping a close eye on the internal investigations and other developments in connection with the incident and will immediately initiate further measures if new findings make this necessary.

4. MEASURES WE RECOMMEND YOU TAKE

In future, you should be particularly vigilant if someone asks you to transmit or disclose data by telephone, SMS or email. Therefore, please check all communications you receive, even in time-critical situations, and do not open any attachments or links if you are not completely sure that it is an authentic transaction. If in doubt, you should always choose not to perform the requested action. Do not disclose confidential information to strangers. Remember that, as a rule, service providers, traders, and banks do not request confidential data. Neither is it normal for IT or software companies to contact you unsolicited by telephone to attend to alleged emergencies and demand urgent action from you. Never act in such cases without first seeking reassurance from a source that is undoubtedly authentic and reputable.

If an unknown party tries to put you under time pressure and threatens you with urgency, tries to exploit relationships of superiority/subordination or makes unrealistic promises – do not do what they are asking. Please also talk to friends and relatives so that they are not scammed by someone assuming your identity.

5. CONTACT

If you have any questions, please contact us at:

Autodoc AG
Josef-Orlopp-Straße 55
10365 Berlin
Fax: 030 208 478 250
Email: privacy-policy@autodoc.de
Please Don't PM Me For Technical Help

Marc
xantia_v6
Forum Admin Team
Posts: 9565
Joined: 09 Nov 2005, 23:03
x 934

Re: Autodoc Hacked


Coincidentally, I made my first purchase from Autodoc last week. Fortunately I used a throw-away email address.
Armidillo
(Donor 2022)
Posts: 480
Joined: 28 Apr 2020, 02:18
x 274

Re: Autodoc Hacked


I haven't used Autodoc much, because of their high freight charges to Australia. However I did purchase from onlinecarparts.co.uk in 2019.

They obviously keep our details for many years, as I received my email from Autodoc yesterday afternoon. It could be worse, but it's bad enough.

Noting that the hackers/scammers may have both my email address and phone number (and assume for a moment they have my password), are they able to intercept SMS messages to my phone (eg. with code for two factor authentication)?
GiveMeABreak
Forum Admin Team
Posts: 40817
Joined: 15 Sep 2015, 19:38
x 6547

Re: Autodoc Hacked


Passwords were not (according to them) part of the breach. 2FA authentication is not 100% failsafe, but is still considered best practice at present, as long as you don't click on any dodgy website links or links in the SMS.

Always make sure you initiate a secure session first to the secure website as you normally would and that you are contacting the original genuine site.

A technical explanation of how it can be compromised is shown here:



It's best to clear out your browser cookies every so often, never save credit card details with online stores and never save passwords in your browser (use an independent password manager); these can all help mitigate risk.
Please Don't PM Me For Technical Help

Marc
xantia_v6
Forum Admin Team
Posts: 9565
Joined: 09 Nov 2005, 23:03
x 934

Re: Autodoc Hacked


There should be no danger of your SMS messages being intercepted, the phone networks are designed to avoid that kind of attack, unless you have some special service that allows SMS to be received on a device other than your phone.
Ross_K
Posts: 1055
Joined: 18 Jul 2004, 22:26
x 110

Re: Autodoc Hacked


xantia_v6 wrote: 24 Aug 2022, 12:14 There should be no danger of your SMS messages being intercepted, the phone networks are designed to avoid that kind of attack, unless you have some special service that allows SMS to be received on a device other than your phone.
Interception isn't the problem as such, but if someone can discover your phone number (for example through a data breach such as this one) they can do any number of things - send a spoofed SMS asking you to update your payment details on a clone of a legitimate site, or use a vishing attack (https://www.fortinet.com/resources/cybe ... ing-attack)

By the way, everyone should check their email address(es) on the 'have i been pwned?' site on a regular basis to see if their info's been leaked: https://haveibeenpwned.com/
CitroJim
A very naughty boy
Posts: 51526
Joined: 30 Apr 2005, 23:33
x 6828

Re: Autodoc Hacked


I've just submitted a big order to Autodoc as they are a great resource for scarce early AX parts... I've used them in the past (pre-Brexit) and found them excellent... I hope they remain so...

Yes, freight can be a bit dear but if you wait until you can put in a big order it's not so bad...
Jim

Runner, cyclist, duathlete, Citroen AX fan and the CCC Citroenian 'From A to Z' Columnist...
Humph7
Posts: 35
Joined: 21 Nov 2017, 18:36
x 2

Re: Autodoc Hacked


I recently ordered a thermostat from them. It never arrived and emails weren't answered. The phone was not recognised either. I went to cancel through Paypal and found that it was a monthly payment.
CitroJim
A very naughty boy
Posts: 51526
Joined: 30 Apr 2005, 23:33
x 6828

Re: Autodoc Hacked


Humph7 wrote: 02 Dec 2022, 20:36 I recently ordered a thermostat from them. It never arrived and emails weren't answered. The phone was not recognised either. I went to cancel through Paypal and found that it was a monthly payment.
That's worrying... Almost sounds like you ended up on a fake version of their site and got scammed...

My last order with them went absolutely perfectly...
Jim

Runner, cyclist, duathlete, Citroen AX fan and the CCC Citroenian 'From A to Z' Columnist...