After a vendor exposed unsecured data on the Internet, Audi and Volkswagen suffered a data breach impacting 3.3 million customers.
Volkswagen Group of America, Inc. (VWGoA) is the German Volkswagen Group’s North American subsidiary.
Volkswagen, Audi, Bentley, Bugatti, Lamborghini, and VW Credit, Inc. all have operations in the United States and Canada.
Volkswagen stated that between August 2019 and May 2021, a vendor left unsecured data accessible on the Internet, according to data breach notifications filed with the California and Maine Attorney General’s offices.
Personal information about customers and prospective buyers, such as their name, postal and email addresses, and phone number, was included in the data, which Volkswagen says was obtained for sales and marketing.
However, more sensitive data, such as loan eligibility information, was exposed for over 90,000 clients in the United States and Canada.
The majority of the sensitive data was driver’s license numbers, but a “small” number of records also included a customer’s date of birth and Social Security numbers, according to the letter. (first reported by TechCrunch)
The data included some or all of the following contact information about you: first and last name, personal or business mailing address, email address, or phone number.
In some instances, the data also included information about a vehicle purchased, leased, or inquired about, such as the Vehicle Identification Number (VIN), make, model, year, color, and trim packages, explains the Volkswagen data breach notification
VWGoA began sending out mails to concerned customers and prospective customers yesterday, warning them to be on the watch for fraudulent emails, phone calls, or texts.
There’s no way of knowing how many people acquired unauthorized access to the Audi and Volkswagen data because it was left unprotected for so long.
As a result, all communications claiming to be from Audi or Volkswagen, particularly email or SMS text messages, should be viewed with caution.
If you had more sensitive information exposed, you should freeze your credit report to make it more difficult for third parties to steal your identity and take out credit in your name.
You might also like: JBS ransomware attack: paid $11 million to REvil ransomware