Volkswagen and Audi have suffered a data breach affecting 3.3 million customers, after a vendor exposed unsecured data on the Internet.
Volkswagen Group of America, Inc. (VWoA) is responsible for five marques: Audi, Bentley, Bugatti, Lamborghini, and Volkswagen cars. It also controls VW Credit, Inc. (VCI), Volkswagen’s financial services and credit operations
According to data breach notifications it filed, VWGoA disclosed that a vendor left unsecured data exposed on the Internet between August 2019 and May 2021.
The data included some or all of the following contact information: first and last name, personal or business mailing address, email address, or phone number. In some cases, the data also included information about a vehicle purchased, leased, or inquired about, such as the Vehicle Identification Number (VIN), make, model, year, color, and trim packages.
“For approximately 90,000 Audi customers or interested buyers, the data also includes more sensitive information relating to eligibility for a purchase, loan, or lease. Nearly all of the more sensitive data (over 95%) consists of driver’s license numbers. A very small number of records include data such as dates of birth, Social Security or social insurance numbers, account or loan numbers, and tax identification numbers.” continues the letter.
For those customers 90,000 customers who had more sensitive information exposed, Volkswagen is offering free credit monitoring services.
Read more about it here.