Volkswagen has disclosed a data breach with one of its vendors, impacting some 3.3 million North American customers and prospective buyers.
Volkswagen is currently the largest auto maker in the world, and has been for several years. Like many companies, however, VW uses outside vendors to help handle sales and marketing data, and it appears one of those vendors is responsible for a massive data breach.
According to Reuters, the breach involved sales and marketing data collected between 2014 and 2019, primarily for VW’s Audi brand. The vendor responsible for the data had left it unsecured on the internet from August 2019 to May 2021 when it was accessed by an unauthorized third party.
VW told regulators that phone numbers and email addresses comprised the bulk of the data accessed, although vehicle information may also have been involved. Of sensitive data accessed, 95% of it involved driver license numbers, with a small amount also including birth dates, Social Security number and account numbers.