Ransomware: coinbasecartel claims Cambridge Mobile Telematics (US) — Technology

On June 12, 2026, a ransomware group known as coinbasecartel publicly claimed responsibility for a cyberattack against Cambridge Mobile Telematics, a US-based technology firm that provides telematics and data analytics for the automotive and insurance sectors. The claim was published on the ransomware.live data leak site, indicating that the group may have exfiltrated sensitive data. This incident highlights an ongoing threat to organizations handling connected vehicle data and insurance telematics.

Organizations in the automotive, insurance, and mobility technology sectors are directly affected, particularly those that rely on third-party telematics providers. Compliance teams at firms with data processing relationships with Cambridge Mobile Telematics or similar vendors should assess potential exposure under frameworks like the EU’s GDPR, the UK DPA, and US state breach notification laws. The breach may involve personal data such as driving behavior, location, or insurance-related information.

Compliance teams should immediately verify whether their organization has any data-sharing agreements with Cambridge Mobile Telematics and review contractual breach notification obligations. They should also update incident response plans to account for ransomware with data exfiltration, conduct a data mapping exercise for telematics data flows, and ensure that any affected EU/UK data subjects are notified within applicable regulatory timelines. Proactive engagement with legal counsel and data protection authorities is recommended.