Volkswagen has revealed that information about 3.3 million customers and prospective buyers was exposed after a supplier left the data unsecured online, TechCrunch has reported. The automaker gathered the information for sales and marketing purposes and most of the exposed data included names, addresses, emails and phone numbers. However, around 90,000 potential loan clients in the US and Canada also had more sensitive data exposed including driver’s license numbers and in a “small” number of cases, date of birth and social security numbers.
The automaker wrote in a customer letter that an unnamed vendor used by VW, Audi and authorized dealers left customer data from 2014-2019 exposed between August 2019 and May 2021. However, it didn’t say whether the information had been used by scammers. “We have also informed the appropriate authorities, including law enforcement and regulators, and are working with external cybersecurity experts and the vendor to assess and respond to this situation,” a spokesperson told TechCrunch
Driver’s license and social security numbers can be valuable to hackers, especially if combined with addresses, phone numbers and other data. After a recent insurance customer breach, Geico said that it believed fraudsters may have used stolen driver’s license numbers to apply for unemployment benefits. In its letter, VW said that it has partnered with IDX to provide customers with free credit protection services, including monitoring, insurance reimbursement and identity theft recover services, “should that occur.”
All products recommended by News Brig are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.