15 June 21, 11:52
(This post was last modified: 15 June 21, 11:53 by silversurfer.)
Quote:One of Volkswagen’s vendors left one of its systems open for nearly two years, exposing the personal data of 3.3 million customers – nearly all of them owners or wannabe owners of the automaker’s luxury brand of Audis – Volkswagen America said last week.
The breach took place between August 2019 and May 2021, Volkswagen said in a letter to the Maine Attorney General that was first spotted by TechCrunch reporter Zack Whittaker.
The car maker said that the data, mostly collected for sales and marketing, was exposed by a vendor used by Volkswagen, its Audi subsidiary and authorized dealers.
For upwards of 97 percent of the affected customers, the third party got access to personal information about customers and prospective buyers, including names, postal and email addresses, and phone numbers.
Other buyers or prospective buyers got hit harder, since they had more sensitive data – including Social Security numbers, dates of birth and driver’s license numbers – stored on the vendor’s leaky server, as Volkswagen explained in its letter [...]
Read more: Volkswagen Vendor Exposed Data of 3.3m Drivers | Threatpost