Zoomcar

In July 2018 the Indian car rental service Zoomcar suffered a significant data breach that exposed the personal information of approximately 3.5 million users. The compromised data was later discovered for sale on darknet marketplaces in early 2020. The incident involved the unauthorized access of a database containing sensitive user details. Security researchers noted that the breach included hashed passwords using the bcrypt algorithm which provides some level of protection but the exposure of contact information remains a high risk for phishing and social engineering attacks.