Volkswagen reports data breach affecting over 3.3 million Audi owners

Volkswagen reports data breach
Written by Emma Davis

The American division of Volkswagen AG (Volkswagen Group of America, Inc., VWGoA) reported a data breach by one of the third-party vendors working with the automaker in sales and marketing. The leak affected more than 3.3 million customers, most of whom are Audi owners.

A flaw in the third-party company’s system existed from August 2019 to May 2021, and as a result, an unauthorized person gained access to the personal data of customers. The leak was reported by TechCrunch, which received a letter written by representatives of Volkswagen to the Attorney General of Maine.

The document says the leak was caused by a third-party vendor who left one of their systems unprotected. VWGoA learned about the problem on March 10 of this year, however, for some reason, it took the vendor two more months to fix their server.

Not all Volkswagen customers were affected by the incident: according to the company, in total were involved 3.3 million people, and more than 97% were Audi owners or people interested in buying such cars.

It is reported that the leak contains the following personal data: name and surname, personal or business mailing address, email address, phone number. In some cases, the above data is also supplemented with information about the car purchased, rented or of interest to the client, including VIN, make, model, year of manufacture, colour and equipment.

For approximately 90,000 Audi customers or interested buyers, more sensitive information was available regarding eligibility for a purchase, loan or car lease. Almost all of the most sensitive data (over 95%) contain driver’s license numbers. Very few records also included dates of birth, social security numbers, bank and credit account numbers, and taxpayer identification numbers.the document says.

VWGoA has already started notifying affected customers. The aforementioned 90,000 people will receive free credit monitoring services and $1,000,000 in identity theft insurance.

Let me remind you that in late April 2021, the District of Columbia Central Police Department reported a hack and possible data leak after screenshots of internal files from the department’s servers were published on the Babuk Locker ransomware website.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply