NOTIFICATION OF A PERSONAL DATA SECURITY BREACH

23rd of October 2024

Who are we? We are UAB “RAMIDONAS” (hereinafter referred to as the Company or we), a company registered at Pramonės St. 4, Šveicarijos village, LT-55302, Jonava district, Republic of Lithuania. Our business activities include car sales, sales of used car parts, light vehicle body repairs.

This notification is to inform you of a personal data security breach that occurred within our Company on the 4th of November 2023.

What happened? An unknown malicious actor gained unauthorized access to our website’s database, copied it, and disclosed the data on the Telegram channel “Leakbase” (which is currently inaccessible). We became aware of this incident on the 18th of January 2024 and immediately initiated a thorough investigation.

Why did this happen? We believe that the data breach occurred because of unauthorized access to login credentials.
What personal data of yours may have been affected? Depending on the services you used and the information you provided to us, the following personal data may have been compromised:

  • Identification data: full name, email address, delivery address, residential address, date of birth, personal identification number, passport or ID card details, and driving license details;
  • Payment data: payer’s name, date, amount, payment method, and VAT payer number;
  • Vehicle data: license plate number and VIN (for example, VIN of vehicles submitted for scrappage);
  • Employee data: full names, usernames, email addresses, and IP addresses.

What measures have we taken? We have implemented the following security measures:

  • Blocked external access to the Company’s network;
  • Reviewed and strengthened access to sensitive data;
  • Deleted and recreated all user accounts with access to the database;
  • Changed security passwords and enhanced internal security measures (such as reviewing firewall configurations);
  • Reported the incident to the State Data Protection Inspectorate of the Republic of Lithuania and consulted with experts;
  • Submitted official requests to Telegram to delete the unlawfully disclosed data (the data is currently inaccessible on the Telegram channels known to us).

How might this affect you and what should you do? The leaked data could be used for malicious purposes. To protect yourself from harm, we recommend:

  • Changing the passwords for any accounts you used in connection with us;
  • Remaining vigilant and critically assessing all incoming calls and messages;
  • Monitoring your profiles, accounts closely, and if you notice anything suspicious, immediately contact the relevant authorities or specialists.

How to contact us? If you have any further questions, please feel free to contact our representative director Ramūnas Rudžianskas ramunas@ramidonas.lt.