The Information · Taiwan · United Kingdom · The Register
FleetWave outage takes another turn. Chevin confirms crooks accessed customer data
Compiled by KHAO Editorial — aggregated from 1 outlet. See llms.txt for citation guidance.
◌ Single Source
A month after bringing systems back online, SaaS vendor tells customers attackers potentially walked off with operational data, contact details, and payroll numbers.
Key facts
- According to the email, Chevin’s forensic investigation determined that an "unauthorized third-party accessed and potentially acquired certain data" from customer databases backed up on April 3, 2026
- Chevin confirmed the breach in an email to customers, seen by The Register, marking the first time it has acknowledged that data was accessed during the April incident that knocked parts of web-based
- One Chevin customer told The Register their organization was unlikely to have been the intended ransomware target due to its size, suggesting the breach may have been aimed elsewhere
- Chevin is now offering affected customers a one-time download of their SQL database and a spreadsheet summarizing potentially exposed records through a secure portal
Summary
A month after Chevin Fleet Solutions declared its FleetWave outage contained and systems restored, the company has now admitted that attackers accessed customer databases and potentially acquired operational and personal data. Chevin confirmed the breach in an email to customers, seen by The Register, marking the first time it has acknowledged that data was accessed during the April incident that knocked parts of web-based software offline across the UK and US. At the time, Chevin said it had pulled parts of its Azure-hosted FleetWave tool offline while outside cybersecurity specialists investigated. Now it turns out that at least some customer databases were indeed affected by the breach.