Audi and Volkswagen have suffered a data breach affecting 3.3 million customers after a vendor exposed unsecured data on the Internet.
Volkswagen Group of America, Inc. (VWGoA) is the North American subsidiary of the German Volkswagen Group. It is responsible for US and Canadian operations for Volkswagen, Audi, Bentley, Bugatti, Lamborghini, and VW Credit, Inc.
According to data breach notifications filed with the California and Maine Attorney General’s office, VWGoA disclosed that a vendor left unsecured data exposed on the Internet between August 2019 and May 2021.
On March 20th, VWGoA was notified by the vendor that an unauthorized person had accessed the data and may have obtained the customer information for Audi, Volkswagen, and some authorized dealers.
VWGoA states that the breach involved 3.3 million customers, with over 97% of those affected relating to Audi customers and interested buyers.
The data exposed varies per customer but could range from contact information to more sensitive information such as social security numbers and loan numbers.