VW Vendor Leaves Data Unsecured
A data breach at a Volkswagen vendor has impacted millions of customers and prospective car purchasers across North America.
The breach occurred after information gathered by the vendor between 2014 and 2019 for sales and marketing purposes was stored electronically in an unsecured file for years.
The majority of the individuals whose data was compromised were potential buyers or current customers of luxury car brand Audi. The Volkswagen Group formed Audi in 1969 after it bought the Auto Union from rival Daimler-Benz.
On June 11, the American arm of the Volkswagen Group revealed that an unauthorized third party had obtained small amounts of personal data belonging to customers and prospects from a digital sales and marketing company used by its Audi Volkswagen brands. VW dealers based in Canada and the United States also used the services of the vendor.
VW identified the source of the incident in May this year but believes that the data could have been illegally accessed at any point between August 2019 and May 2021.
Information exposed in the security incident included phone numbers and email addresses, and in some cases details of vehicle leasing, purchases, and purchase inquiries.
Volkswagen said it will offer free credit protection services to the 90,000 Audi customers and interested potential buyers or leasers whose sensitive data was accessed in the data breach. Included in the sensitive data was driver license numbers, Social Security numbers, account or loan numbers, tax identification numbers, and dates of birth.
