Volkswagen and Audi Report Data Leak Affecting 3.3 Million Customers

  • A vendor of Volkswagen and Audi has suffered a lengthy data breach between 2019 and 2021.
  • The automakers learned about it only last month and are now circulating notices of a breach.
  • The compromised details include full names, email addresses, phone numbers, and postal addresses.

Volkswagen and Audi have released a notice of a data security incident that took place between August 2019 and May 2021, involving a hacker who accessed parts of the corporate network of a contracted vendor, potentially exfiltrating the details of 3.3 million customers. The particular system belonged to a vendor used by Audi and Volkswagen, two automakers that belong to the same group, and the discovery of the compromise came only on May 10, 2021.

From that point until now, an internal investigation was underway to determine what exactly was accessed by the hackers. Unfortunately, it involves the information of 3.3 million customers and also prospective buyers. The data includes full names, email addresses, phone numbers, and postal addresses. Moreover, for 90,000 customers based in the U.S. and Canada, there is also information relating to loan eligibility. And for even a smaller subset, driver’s license numbers, dates of birth, and social security numbers are also included.

Volkswagen is already circulating notices of a breach to the affected individuals, so what exactly applies to each customer should be clarified in the personalized letters. If not, you can call (833) 406-2408 or chat with a customer support agent on the respective websites and ask for more information about how this incident affects you specifically.

In the meantime, you should remain vigilant against incoming emails, calls, or even letters arriving via post mail. Scammers and phishing actors have numerous ways to exploit the above information, and many of them will attempt to approach you posing as VW or Audi. Note that the real notifications of the data breach will not ask you to share any personal information or sensitive data of any kind and will not request you to verify your identity.

The vendor responsible for this data breach hasn’t been revealed by Volkswagen, who chose to keep this between them and the authorities. We would say that this detail doesn’t matter much at this point, and the main issue here is the duration of the compromise. After almost two years of maintaining a presence on the vendor's network, the actors may have already tricked several customers.

Back in August 2020, the Conti ransomware group hit a network of Volkswagen dealerships in Germany, stealing sensitive data in the process. Back then, the VW Group informed TechNadu that its own IT systems weren’t compromised directly as its dealerships operate as separate, independent entities. We don’t know if the two cases are somehow connected, but it seems unlikely that they are.

REVIEW OVERVIEW

Latest

Why Is Demon Slayer So Popular?

In August 2019, the world suddenly started talking about an anime series that had just released its nineteenth episode. Fast forward to...

F1 Live Stream 2022: How to Watch Formula 1 Without Cable

There's not much time until the 2022 Formula 1 World Championship gets underway - the first race is scheduled for late March,...

Disney+ Announces Basketball Series Inspired By Award-Winning Book The Crossover

Disney Plus announced a new basketball-themed drama series that is set to land on the streaming platform, drawing inspiration from the critically...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari