Zoomcar Reports Data Breach Exposing 8.4 Million Indian Users

Zoomcar, the Indian car-sharing platform operating in 99 cities with a user base of over 10 million, disclosed a data breach affecting at least 8.4 million customers. The breach, detected on June 9, involved unauthorized access to personal information including names, phone numbers, car registration numbers, personal addresses, and email addresses, but there is no evidence that financial information or plaintext passwords were compromised. The company became aware of the incident after some employees received communications from a hacker claiming access to the data and promptly activated its incident response plan. Zoomcar has since implemented additional security measures, increased system monitoring, reviewed access controls, and engaged third-party cybersecurity experts while cooperating with regulatory and law enforcement authorities. Despite the breach, Zoomcar reported no disruption to its services and continues to operate as usual. The company is still evaluating the full scope and potential impact of the breach and has not disclosed whether affected customers have been notified.