Synopsis
As more goods and services become facilitated through internet-enabled devices, security at a distance whilst maintaining optimal levels of customer service becomes part of the challenge.
In June 2017, a malicious third party accessed the company's database by exploiting software vulnerabilities in the company's fleet booking system resulting in the use of the company's physical properties (rental cars) without their consent over 30 times. It turned out the malicious third party was both a security researcher and customer of the car service.
In January 2018, he arrested over the incident and in 2019 he plead guilty to five counts of take and drive conveyance without consent of owner and to one count each of dealing with identity and dishonestly obtaining financial advantage by deception. For these charges, he was sentenced to five years of community corrections (including 400 hours of community service work) and ordered to pay restitution to those impacted by his actions.
Speak to the analyst
Want to discuss this case? We're offering a FREE 20 minute phone consultation to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:
Additional services
We offer a range of cost-effective, fixed-price training programmes and consultant services derived from the unique insights gained from all our case study data.
If you'd rather we did the heavy lifting in developing a cyber incident response plan or lessons learnt training for your organisation underpined by our unique insight into the challenges faced and strategies implemented by organisations countering today's cyber security threats then please contact us here.
Companies
- CarShare Australia Pty Ltd.
- GoGet CarShare
We've done the analysis so you can make the decisions
$489.99
When purchasing a minimum of
5 Case Studies
$699.99
if buying less than
5.
- Detailed cause & effect analysis
- Lessons learnt catalogued
- Preventive controls extracted