Volkswagen announced on Friday that it recently discovered a data breach that affects more than 3.3 million customers and potential buyers in North America.
An unauthorized third party obtained limited personal information from a vendor that Audi, Volkswagen and some authorized dealers in the U.S. and Canada use for digital sales and marketing activities. The information was gathered for these purposes between 2014 and 2019 and was apparently stored in an electronic file that the vendor left unsecured.
- Also: The Car Guide's Best Buys for 2021: Audi Q5
- Also: The Car Guide's Best Buys for 2021: Audi A4 and A5
More specifically, the breach involves contact information relating to approximately 3,300 Volkswagen customers and interested buyers in the U.S., as well as 3.1 million Audi customers or interested buyers in the U.S. and 163,000 in Canada. This information includes data such as names, mailing addresses, email addresses or phone numbers and, in some cases, vehicle data such as VINs and vehicle features.
Sensible information like driver’s license numbers, dates of birth, Social Security numbers and account numbers relating to approximately 90,000 Audi customers or interested buyers in the U.S.—though none in Canada—was also obtained.
All affected individuals will be notified directly. Of course, Volkswagen has informed the appropriate authorities, including law enforcement and regulators, and is working with external cybersecurity experts and the vendor to assess and respond to this situation.
“We regret any inconvenience this may cause our current or potential customers,” the automaker wrote in a statement. “As always, we recommend that individuals remain alert for suspicious emails or other communications that might ask them to provide information about themselves or their vehicle.”