"Attackers Target Volkswagen Vendor; 3.3 Million Audi Customers Impacted"

Volkswagen revealed that its third-party vendor faced a data breach that impacted over 3.3 million current customers and prospective buyers of Audi vehicles in the U.S. and Canada. According to a statement released by the German car manufacturer, the data exposed by the breach was used for sales and marketing purposes between 2014 and 2019. The threat actors were able to access the customer data because the vendor left it unsecured and exposed online at some point between August 2019 and May 2021. The exposed data contains contact information relating to Audi customers and interested buyers, such as first and last name, personal or business mailing address, email address, and phone number. The vehicle data exposed in the breach includes information about a vehicle purchased, leased, or inquired about, such as the Vehicle Identification Number (VIN), color, year, make, model, and trim packages. In some instances, the data also contains more sensitive information regarding eligibility for purchase, loan, or lease. The more sensitive data consists of driver's license numbers, dates of birth, Social Security numbers, insurance details, tax identification numbers, and bank account numbers. The attackers behind the data breach remain unknown. Volkswagen is conducting an investigation to determine the incident's nature and scope and has begun notifying affected individuals. As threat actors could exploit the leaked data in various ways, customers are urged to be vigilant about suspicious emails or SMSs appearing to be from Audi or Volkswagen. This article continues to discuss the third-party vendor data breach at Volkswagen that has affected more than 3.3 million customers.

CISO MAG reports "Attackers Target Volkswagen Vendor; 3.3 Million Audi Customers Impacted"