Recently, Mercedes-Benz reported that one of its vendors had suffered a data breach, exposing the personal and sensitive data of customers and potential buyers. The incident has impacted less than 1,000 consumers, according to the company.
Customers who input their personal information on Mercedes-Benz websites from January 1, 2014, to June 19, 2017, were the collected data, as per the Mercedes-Benz statement. The data was accidentally made available while remaining on a cloud storage infrastructure of the vendor.
After an external security expert discovered the breach, the company quickly resolved the issue. The car firm also stated that it has alerted the necessary government organizations and that it has already started contacting people impacted by the incident.
Both customers' and potential buyer's driver's license numbers, credit card details, and social security numbers may have been exposed throughout the impacted timeframe. Furthermore, the data leak includes birth dates and credit ratings.
Names, phone numbers, addresses, and email addresses of the customers comprise the majority of the personal data exposed. Mercedes said that anyone whose private data was compromised will get a free credit monitoring service subscription for a year.
To access the information, Mercedes-Benz claimed that one must know specific software tools and applications, adding that search on the web would not reveal any data stored in such documents.
In May, the source code for the smart vehicle parts of Mercedes-Benz was released online in a comparable hack.
The topic made headlines after a Swiss software engineer discovered a Daimler AG Git site. Here, he has registered an account and has viewed over 580 Git archives, along with the Mercedes OLU unit’s source code.
On the other hand, Volkswagen, another German carmaker, recently disclosed that a data leak had impacted about 3.3 million clients of the company and its luxury automotive affiliate Audi for more than 2 years.
The automaker said that Canadian and American individual’s private details, such as vehicle identification number, address, email address, mobile number, and drivers' license number, were reportedly available on the internet.
Despite this, the car firm accused an unknown third party of the massive breach, claiming that the info was collected for promotional reasons and was stored on an unprotected database.
All cybersecurity attacks result in better cybersecurity policies. For automakers and other firms that store their consumers' sensitive information, maintaining the integrity of their systems against hackers and vulnerabilities is a constant concern.