A data breach at a vendor impacted more than 3.3 million customers and prospective buyers in North America.
Volkswagen AG’s U.S. unit said a data breach at a vendor impacted more than 3.3 million customers and possible buyers in North America.
Nearly all those impacted were current or potential customers of Audi, one of the German automaker’s luxury brands.
Volkswagen Group of America said on Friday an unauthorized third party obtained limited personal information about customers and prospected buyers from a vendor that its Audi Volkswagen brands and some U.S. and Canadian dealers used for digital sales and marketing.
The information was probably obtained from sales and marketing between 2014 and 2019 and was in an electronic file the vendor left unsecured.
The company told regulators most of the customers only had phone numbers and email addresses potentially impacted by the data breach. But, in some cases, data also includes information about a vehicle purchased, driver license numbers, leased, or inquired about.
The company has reached out to 90,000 people in the US — mostly Audi customers or shoppers — who had especially sensitive information taken in the breach. VW will offer free credit protection services to the people that was impacted.
A small number of records included additional data like dates of birth, Social Security numbers and account numbers.
Nearly all those impacted were current or potential customers of Audi, one of the German automaker’s luxury brands.
“We regret any inconvenience this may cause our current or potential customers,” VW USA said in a statement. “As always, we recommend that individuals remain alert for suspicious emails or other communications that might ask them to provide information about themselves or their vehicle.”
