ELF A.I CyberSecurity Scoring
ELF
Company Information
Website:https://www.hypercommute.com/
Employees number:224
Number of followers:0
NAICS:484
Industry Type:Truck Transportation
Homepage:hypercommute.com
ELF Risk Score (AI oriented)
Between 800 and 849
ELFTruck Transportation
Updated:
30/04/2026
30/04/2026
809/1000
Good
A
ELF Global Score (TPRM)
xxxx
ELFTruck Transportation
Score locked

ELFGood
Current Score
809A (GOOD)
01000
1 incidents
-13 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
810
JUNE 2026
810
MAY 2026
809
APRIL 2026
822
Cyber Attack
16 Apr 2026 • ELF
Amazon, Temu, Sam’s Club, Grubhub, Lyft, CountryMax and Elf Cosmetics: Misconfigured Server Run by Hackers Leaks 345,000 Stolen Credit Cards
AI Coding Error Exposes Massive Stolen Credit Card Database
809
HIGH-13
ELFTEMCOUGRUAMASAMLYF1777580773
AI Coding Error Exposes Massive Stolen Credit Card Database
On 16 April, cybersecurity researchers uncovered a misconfigured server linked to Jerry’s Store, a dark web carding marketplace where hackers verify stolen credit cards. The leak stemmed from an AI-assisted coding mistake, revealing the group’s entire database including 345,000 credit cards, of which 145,000 were active.
The hackers used Cursor, an AI-powered code editor, to build a statistics dashboard. However, the AI generated an unauthenticated open web directory instead of a secure page, exposing the server to public access. Researchers found that Cursor’s lack of safety guardrails allowed the tool to assist in criminal activity without intervention, despite recognizing its use for credit card fraud.
The group tested stolen cards by making small transactions on major platforms, including Amazon (US & JP), Grubhub, Sam’s Club, Temu, Lyft, Elf Cosmetics, and CountryMax. Successful payments confirmed a card’s validity, increasing its dark web value $7 to $18 per card, with the full dataset potentially worth $2.6 million.
The exposed data included card numbers, security codes, cardholder names, and home addresses. Jerry’s Store, launched in late 2023, appears to be operated by a Chinese-speaking individual, though the server was hosted in Germany, likely via a bulletproof hosting provider to evade detection.
While the incident highlights risks in AI-assisted development, researchers noted that the leak also disrupted criminal operations by exposing their methods. Cursor has not yet responded to the findings.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
MARCH 2026
821
FEBRUARY 2026
821
JANUARY 2026
821
DECEMBER 2025
821
NOVEMBER 2025
821
OCTOBER 2025
821
SEPTEMBER 2025
821
AUGUST 2025
821
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for ELF ??
What was ELF's A.I Rankiteo Cyber Score in June 2026 ??
What was ELF's A.I Rankiteo Cyber Score in May 2026 ??
What was ELF's A.I Rankiteo Cyber Score in April 2026 ??
What was ELF's A.I Rankiteo Cyber Score in March 2026 ??
What was ELF's A.I Rankiteo Cyber Score in February 2026 ??
What was ELF's A.I Rankiteo Cyber Score in January 2026 ??
What was ELF's A.I Rankiteo Cyber Score in December 2025 ??
What was ELF's A.I Rankiteo Cyber Score in November 2025 ??
What was ELF's A.I Rankiteo Cyber Score in October 2025 ??
What was ELF's A.I Rankiteo Cyber Score in September 2025 ??
What was ELF's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on ELF's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with ELF ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view ELF's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?