Fake Europcar data leak allegedly authored by ChatGPT

At the end of January, a member of a famous hacker forum claimed responsibility for a cyberattack against car rental giant EuropCar. The user claims to have stolen the personal information of more than 48 million Europcar customers and offers to sell them to the highest bidders. However, the database was completely invented according to the company. EuropCar explained to numerous media that the investigation into the data breach not only yielded nothing, but also that the information analyzed by the cyber teams would have been generated by artificial intelligence tools.

Vincent Vevaud, spokesperson for Europcar, told American media TechCrunch:

• “ The number of records is wrong and does not match the number of the company. »
• “ None of these email addresses are present in the customer database. »
• “ Sample data is likely generated by ChatGPT (addresses don’t exist, zip codes don’t match, first and last names don’t match email addresses, email addresses use very unusual TLDs). »

Troy Hunt, cyber expert at the head of the site “Have I Been Pwned” to check leaks, also adds on X (ex-twitter) that “ email addresses and usernames look nothing like the names of the corresponding people “.

Why invent a database with ChatGPT?

We asked ChatGPT to write a fictional EuropCar database. The result is rather convincing, although the addresses are very easily verifiable.

We cannot concretely guess what the objective of the author of the original post is. He may simply be trying to defraud other forum users by selling false information. The most worrying hypothesis would be that someone seeks to discredit a company by inventing a data leak. This process could be replicated in the future and as intelligent chatbot variants develop.

Do you want to know everything about the mobility of tomorrow, from electric cars to e-bikes? Subscribe now to our Watt Else newsletter!