Volkswagen says greater than 3.3 million prospects had their info exposed after considered one of its distributors left a cache of buyer information unsecured on the web.
The automobile maker stated in a letter that the seller, utilized by Volkswagen, its subsidiary Audi, and approved sellers within the U.S. and Canada, left the shopper information spanning 2014 to 2019 unprotected over a two-year window between August 2019 and May 2021.
The information, which Volkswagen stated was gathered for gross sales and advertising, contained private details about prospects and potential consumers, together with their title, postal and e mail addresses, and cellphone quantity.
But greater than 90,000 prospects throughout the U.S. and Canada additionally had extra delicate information exposed, together with info referring to mortgage eligibility. The letter stated many of the delicate information was driver’s license numbers, however that a “small” variety of information additionally included a buyer’s date of delivery and Social Security numbers.
Volkswagen didn’t title the seller, and a firm spokesperson didn’t instantly remark.
It’s the most recent security incident involving driver’s license numbers in current months. Insurance giants Metromile and Geico admitted earlier this yr that their quote types had been abused by scammers making an attempt to acquire driver’s license numbers. Several different automobile insurance coverage firms have additionally reported related incidents involving the theft of driver’s license numbers. Geico stated it was seemingly an effort by scammers to file and money fraudulent unemployment advantages in one other individual’s title.
Volkswagen’s letter, nevertheless, didn’t say if the corporate had proof that the info exposed by the seller was misused.