Have I Been Pwned has added the US automotive marketplace Edmunds to its breach corpus with 177,860 unique email addresses. Edmunds is a widely used car-research and shopping platform offering pricing, reviews, and dealer listings. As is typical for HIBP additions, the underlying breach source and disclosure details are not published alongside the entry, but the listing lets individuals and organizations check whether their accounts appear in the leaked dataset. Affected users should anticipate car-buying-themed phishing such as financing offers, dealer-contact lures, or vehicle-quote follow-ups, and should rotate any reused passwords. The addition continues a steady run of mid-size US consumer-platform breaches surfacing in HIBP.
Skoda Auto, the Volkswagen Group's Czech-built carmaker with 34,000 employees and 27 billion euros in annual sales, disclosed that attackers exploited a flaw in its German online shop software to access customer data. The breach hit shop.skoda-auto.de, not Skoda's global systems or the Skoda Connect portal. Exposed information includes names, addresses, email addresses, phone numbers, order history, account data, and password hashes. Payment card details were not stored on the affected system. Skoda took the shop offline, patched the flaw, and engaged external forensics, but admitted its server logs cannot retrospectively confirm exactly what data was copied out during the intrusion window.