June 13, 2025 · Applied Cybernetics Group
Zoomcar Holdings, Inc. — 8-K Item 1.05
- Filer
- Zoomcar Holdings, Inc. (ZCAR)
- CIK
0001854275- Accession
0001213900-25-054319- Filed
2025-06-13- Records
- not stated
- Attacker
- unstated
- EDGAR
- https://www.sec.gov/Archives/edgar/data/1854275/000121390025054319/ea0245724-8k_zoomcar.htm
Narrative (as filed)
On June 9, 2025, Zoomcar Holdings, Inc. (the “Company”) identified a cybersecurity incident involving unauthorized access to its information systems. The Company became aware of the incident after certain employees received external communications from a threat actor alleging unauthorized access to Company data. Upon discovery, the Company promptly activated its incident response plan. Based on preliminary findings, the Company determined that an unauthorized third party accessed a limited dataset containing certain personal information of a subset of approximately 8.4 million users, including names, phone numbers, car registration numbers, personal addresses and email addresses associated with such users. At this time, there is no evidence that financial information, plaintext passwords, or other sensitive identifiers were compromised. In response to the incident, the Company has taken immediate actions to contain the threat and enhance its security posture. These measures include implementing additional safeguards across the cloud and internal network, increasing system monitoring, and reviewing access controls. The Company is also engaging with third-party cybersecurity experts to further assist with the investigation. The Company has also notified the appropriate regulatory and law enforcement authorities and is cooperating fully with their inquiries. To date, the incident has not resulted in any material disruption to the Company’s operations. However, the Company continues to evaluate the scope and potential impacts of the event, including legal, financial, and reputational considerations, as well as any associated remediation costs. Forward-Looking Statements This report contains “forward-looking statements” within the meaning of the “safe harbor” provisions of the Private Securities Litigation Reform Act of 1995, including but not limited to, statements regarding the Company’s expectations regarding the incident disclosed and its impact on the Company. When used in this discussion, the words “may,” “believes,” “intends,” “seeks,” “aims,” “anticipates,” “plans,” “estimates,” “expects,” “should,” “assumes,” “continues,” “could,” “will,” “future” and the negative of these or similar terms and phrases are intended to identify forward-looking statements in this press release. Forward-looking statements reflect our current expectations regarding future events, results or outcomes. These expectations may or may not be realized. Although we believe the expectations reflected in the forward-looking statements are reasonable, we can give you no assurance these expectations will prove to be correct. Some of these expectations may be based upon assumptions, data or judgments that prove to be incorrect. Actual events, results and outcomes may differ materially from our expectations due to a variety of known and unknown risks, uncertainties and other factors. For a detailed discussion of these and other risk factors, please refer to the risks detailed in our filings with the Securities and Exchange Commission, including, without limitation, our Annual Report on Form 10-K and subsequent periodic and current reports. Past performance is not necessarily indicative of future results. We undertake no intention or obligation to update or revise any forward-looking statements, whether as a result of new information, future events or otherwise. Forward-looking statements should not be relied upon as representing our views as of any date subsequent to the date of this press release. 1