Categories: CyberCrimeSecurity

Data Breach Affects 3.3m Volkswagen, Audi Customers

Volkswagen’s US subsidiary said the personal data of more than 3.3 million North American Volkswagen and Audi customers was exposed after a third-party service provider left the information unsecured for nearly two years.

Volkswagen Group of America confirmed that the customer data was collected from 2014 to 2019. The breach was first reportedly disclosed in a letter to the Maine attorney general.

An unnamed service provider used by VW, its Audi subsidiary and dealers in the US and Canada left the information unsecured for nearly two years, from August 2019 to May 2021.

Sensitive data

The data, gathered for sales and marketing purposes, included personal information about customers and prospective buyers, including their name, postal and email addresses and phone numbers.

In the case of more than 90,000 customers in the US and Canada, however, the data also included more sensitive information relating to loan eligibility.

In more than 95 percent of cases this took the form of driver’s licence numbers, but a “small” number of records also included customers’ dates of birth and Social Security numbers.

The company is notifying all those affected, and said it would offer free credit protection services to those who had more sensitive details exposed.


“We regret any inconvenience this may cause our current or potential customers,” VW said in a statement.

It said it had informed law enforcement and regulators and is working with the vendor and cybersecurity experts to respond to the situation.

Earlie this year insurance companies Metromile and Geico said their online quote forms had been hacked to obtain drivers’ licence numbers.

Other car insurance companies have also reported similar incidents. Geico said the scam was likely intended as part of an effort to file and cash fraudulent unemployment benefits.

Authorities say fraud activity has risen sharply during the pandemic.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

France’s Macron Changes Phone, After NSO Pegasus Report

Just in case. French President Emmanuel Macron changes both his physical phone, and his phone…

19 hours ago

Saudi Aramco Confirms Data Breach After $50m Ransom Demand

World's largest oil producer Saudi Aramco confirms compromise of some of its data, after hacker…

20 hours ago

Government To Compensate Victims Of Post Office Horizon Fiasco

Compensation promised by government for wrongly convicted postmasters, after Post Office Horizon scandal over past…

21 hours ago

Ofcom: Telecom Firms Must Do More To Help Struggling Customers

Despite falling average telecom prices, two million UK homes are struggling to afford internet access,…

2 days ago

Visa Continues Fintech Push With Currencycloud Acquisition

London-based forex specialist Currencycloud is to be acquired by payment giant Visa, in a deal…

2 days ago

Tesla To Open Supercharger Network To Other EVs

Elon Musk confirms he will open Tesla's DC fast-charging stations (Tesla Supercharger network) to other…

2 days ago