In July 2018, the Indian self-drive car rental company Zoomcar suffered a data breach which was subsequently sold on a dark web marketplace in 2020. The breach exposed over 3.5M records including names, email and IP addresses, phone numbers and passwords stored as bcrypt hashes.

Domain Entries Date Breached Hashing Privacy acknowledged?
https://zoomcar.com 3,589,795 2018-07-01 bcrypt Public No

Information leaked

Email addresses, IP addresses, Names, Passwords, Phone numbers

Notice any errors/mistakes in this breach entry? Please contact us and we will fix it ASAP. We strive to be the best and most accurate, so your contribution(s) will be greatly appreciated.