Volkswagen’s US division stated that a data breach from a supplier affected more than 3.3 million customers and potential buyers in North America.

Almost all the people affected are current or potential customers of Audi, one of the luxury brands of the German automaker.

The Volkswagen Group of the United States said on Friday that an unauthorized third party obtained limited personal information about customers and interested buyers from a supplier, which was used by the supplier’s Audi Volkswagen brand and some US and Canadian dealers. For digital sales and marketing.

This information was collected for sales and marketing between 2014 and 2019 and is stored in unprotected electronic files of the supplier.

The company told regulators that the vast majority of customers only have phone numbers and email addresses, which may be affected by the data breach. In some cases, the data also includes information about vehicles purchased, leased, or queried.

Volkswagen stated that the sensitive data of 90,000 Audi customers and potential buyers is related to the eligibility for purchase or lease. Volkswagen said it would provide these individuals with free credit protection services.

In more than 95% of cases, sensitive data consists of a driver’s license number. A few records include other data, such as date of birth, social security number, and account number.

The automaker believes that Canada does not involve sensitive information.

More than 3.1 million people are affected in the United States.

Volkswagen believes that these data were obtained at some point between August 2019 and May this year, when the automaker determined the source of the incident.

See also  Facebook will pay $650 million in U.S. privacy lawsuit settlement

© Thomson Reuters 2021