The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum.
Whoosh is Russia’s leading urban mobility service platform, operating in 40 cities with over 75,000 scooters.
On Friday, a threat actor began selling the stolen data on a hacking forum, which allegedly contains promotion codes that can be used to access the service for free, as well as partial user identification and payment card data.
The company confirmed the cyberattack via statements on Russian media earlier this month but claimed that its IT experts had managed to thwart it successfully.