Over 3.3 million Volkswagen, Audi customers' personal data breached

A data breach at a vendor of the Volkswagen Group affected more than 3.3 million customers and prospective buyers of the Volkswagen and Audi brands in North America. Around 3.1 million customers or interested buyers were affected in the US and approximately 163,000 in Canada.

An unauthorized third party obtained limited personal information about current and potential customers of the brands from the dealer.

The third party gathered information for sales and marketing between 2014 and 2019 from an electronic file that was left unsecured at the vendor.

(Also read | Volkswagen offers virtual test drive experience on social media in Covid times)

Data in the record for majority of people included phone numbers and email addresses and in some cases, data also included information about a vehicle purchased, leased, or inquired about.

Affected people included about 90,000 Audi customers and prospective buyers whose sensitive data relating to purchase or lease eligibility was impacted. The carmaker said it will offer free credit protection services to those individuals. In cases where sensitive information was compromised, the data included driver license numbers. A small number of records included additional data like dates of birth, Social Security numbers and account numbers.

(Also read | Volkswagen invests €500 million in battery manufacturing company)

The Volkswagen Group' dealers that use the Enterprise Lead Management (ELM) program offered through Shift Digital will face the data breach, Auto News reported citing Audi of America president, Daniel Weissland. "The information “does not affect all dealers, but will affect most, if not all," Weissland added.

Volkswagen believes that the data was obtained at some point between August 2019 and May of this year, when the automaker identified the source of the incident. The company also stated that for people affected in Canada, no sensitive information was breached.

(with inputs from Reuters)