Security Breach Exposes Data Of 3.3 M Volkswagen, Audi Customers, Interested Buyers


(Editor’s Note: The original version of this story has been updated with new comments from VW) 

Information about 3.3 million customers and prospective buyers of Volkswagen (VW) brands (Volkswagen is owner of more than a dozen automotive brands — including Audi, Bentley, Lamborghini and Porsche)  was reportedly compromised as an external vendor reportedly left data unsecured.

The data accessed included personal details, like driver’s license numbers, email addresses and phone numbers — and, in some instances, Social Security numbers, as reported by CNN. A spokeswoman told PYMNTS via email that the more sensitive data access related to roughly 90,000 customers in North America, and added that the company is in the process of reaching out to all of the individuals impacted (beyond the aforementioned 90,000), whether or not the company is required to do so by law or not.

The data were gathered between 2014 and 2019, and the spokeswoman told PYMNTS that based on analysis to date, the “vast majority” of the info related to Audi customers and interested buyers. The information had been collected and saved for marketing purposes, according to VW (VLKPF), and had been left in an unsecured file. VW did not name the vendor.

“We regret any inconvenience this may cause our current or potential customers,” VW USA said in a statement. “As always, we recommend that individuals remain alert for suspicious emails or other communications that might ask them to provide information about themselves or their vehicles.”

Cyberattacks, in general, are on the rise, in part due to COVID-19. Cybercrime in Europe doubled as hackers found ways to benefit from the pandemic. The European Union Agency for Cybersecurity (ENISA) said that 2020 had more than twice as many attacks as the prior year — 304 compared to 146 in 2019.

McDonald’s was the victim of a hack that affected its eateries in the U.S., South Korea and Taiwan. Employee and franchisee contact information was exposed, as well as architectural information about restaurants.

The May Securing eCommerce Study, a collaboration between PYMNTS and NuData, indicated that online sellers are responsible for keeping customer data secure. Some 65 percent of all eCommerce customers said in the study that just one data breach would cause them to leave a merchant for good.