CyberInsider

Reliable cybersecurity news and resources

General

Latest News

About

CyberInsider covers the latest news in the cybersecurity and data privacy world. In addition to news, we also publish in-depth guides and resources.
See our Mission >

Zoomcar Discloses Data Breach Affecting 8.4 Million Customers

By Leave a Comment

Zoomcar Holdings has reported a cybersecurity breach impacting approximately 8.4 million users, after a threat actor contacted employees claiming access to internal data.

The company has since activated its incident response procedures and launched a formal investigation.

The breach was identified on June 9, 2025, after certain employees at Zoomcar received external communications from a party alleging unauthorized access to company systems. According to the company’s Form 8-K filing submitted to the U.S. Securities and Exchange Commission, initial analysis confirmed that a third party had indeed accessed a limited dataset containing personal user information.

The compromised data includes:

  • user names
  • phone numbers
  • car registration numbers
  • personal addresses
  • email addresses

Zoomcar emphasized that, at this time, there is no indication that financial information, plaintext passwords, or other high-risk identifiers were part of the breach.

Zoomcar Holdings, Inc., a Delaware-registered firm headquartered in Bangalore, India, operates a peer-to-peer car-sharing platform focused on emerging markets, primarily in India and Southeast Asia. The company, listed under the ticker “ZOOM” on Nasdaq, has positioned itself as a mobility services provider catering to urban users who lack car ownership but seek flexible transportation options.

Following the breach discovery, the company initiated its internal incident response plan and began working with external cybersecurity experts to determine the scope and origin of the attack. Measures already implemented include enhanced network monitoring, a review of existing access controls, and the addition of new safeguards across its cloud and internal systems.

Law enforcement and regulatory agencies have been notified, and Zoomcar has stated its intent to cooperate fully with ongoing investigations. While the company reports no operational disruptions as a result of the breach, it is continuing to evaluate potential legal, financial, and reputational risks, as well as the likely cost of remediation efforts.

The filing cautions investors and stakeholders that while initial findings limit the scope of sensitive data compromised, the situation remains under review and outcomes may change based on further forensic analysis.

If you liked this article, be sure to follow us on X/Twitter and also LinkedIn for more exclusive content.

LinkedInReddit

More from CyberInsider

About Amar Ćemanović

Amar Ćemanović is an experienced editor and trained engineer with a keen eye for detail and a passion for technology. 
Based in Bosnia, Amar specializes in producing high-quality, engaging content. He holds a Master’s degree in engineering, which helps him maintain a meticulous approach to all editorial work. Amar brings a well-rounded knowledge base, covering everything from tech solutions to privacy tools.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Share to...
BlueskyBufferCopyFlipboardHacker NewsLineLinkedInMastodonMessengerMixNextdoorPinterestPocketPrintRedditSMSTelegramThreadsTumblrVKWhatsAppXingYummly