The iconic American motorcycle manufacturer, Harley-Davidson, faces a new setback with recent news of a cyber attack that reportedly compromised data from over 66,000 customers. The attack occurred during the Christmas period and is attributed to the cyber group 888, known for several high-profile attacks in the past.
The RedHotCyber (RHC) website reported that group 888 published a sample of the stolen data on an online forum. This sample allegedly contained information that could only have been obtained from Harley-Davidson’s own IT infrastructure or from a third-party provider. This situation highlights the company’s vulnerability and the possible exposure of sensitive customer data.
Group 888 has a history of involvement in significant attacks, such as the one in September 2024 against Oracle, where personal and professional data of more than 4,000 employees were exposed. They were also responsible for an attack that compromised the contact details of 33,000 Accenture employees.
The crucial difference in this Harley-Davidson attack is that, unlike previous incidents involving employee data, this one compromised customer information. It’s not yet known exactly what type of data was stolen, but there are concerns that it may include names, addresses, and possibly financial details, given that Harley-Davidson also offers financial services.
This attack could have significant financial implications for Harley-Davidson, especially if data protection rule violations are proven. Although the company has not yet officially confirmed the attack, the allegations launched by RHC suggest a concerning scenario for Harley-Davidson’s data security.
At a time when data protection becomes increasingly crucial, this incident highlights the importance of robust cybersecurity measures to prevent future attacks and protect customer information.
