Mercedes-Benz data breach

Mercedes-Benz USA (MBUSA is headquartered in Atlanta. This is the huge office that is responsible for the distribution, marketing, and customer service for all Mercedes-Benz products in the United States.

We now have cybersecurity information that Mercedes-Benz has exposed the customer’s credit card details, social security numbers, and driver’s license.

Information Disclosed

On June 11, 2021, an unrevealed vendor has reached out to Mercedes-Benz to inform that sensitive personal information of less than 1,000 Mercedes-Benz customers and interested buyers were unintentionally made accessible on the cloud storage platform.

It is our understanding the information was entered by customers and interested buyers on dealer and Mercedes-Benz websites between January 1, 2014, and June 19, 2017. There has not seen any Mercedes-Benz systems which are compromised as a result of this incident, and at this time, there is no evidence that any Mercedes-Benz files were maliciously misused.

EHA

Mercedes-Benz says “Data security is a serious matter for MBUSA. Our vendor confirmed that the issue is corrected and that such an event cannot be replicated. We will continue our investigation to ensure that this situation is properly addressed”

Data that is Expected to be Available for a Public Audience

The vendor reports that the personal information for these individuals (less than 1,000) is comprised mainly of self-reported credit scores as well as a very small number of driver license numbers, social security numbers, credit card information and dates of birth.

To view the information, one would need knowledge of special software programs and tools – an Internet search would not return any information contained in these files.

Mercedes-Benz’s action plan

MBUSA has stressed reviewing the total data entry record. It has determined that less than 1,000 individual Mercedes-Benz customers and interested buyers had additional personal information in a publicly accessible state. Mercedes-Benz USA has already started notifying individuals, whose additional information was accessible.

Any individual who had credit card information, a driver’s license number, or a social security number included in the data will be offered a complimentary 24-month subscription to a credit monitoring service.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read

Computer Storage Chip Maker ADATA Suffers 700 GB Data Leak In Ragnar Locker Ransomware Attack

CVS Health Data Breach – Over a Billion of Sensitive Records Exposed Online

Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.