Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Mercedes-Benz USA Says Vendor Exposed Customer Information

Mercedes-Benz USA said last week that sensitive personal information pertaining to its customers was inadvertently exposed by a vendor.

Mercedes-Benz USA said last week that sensitive personal information pertaining to its customers was inadvertently exposed by a vendor.

The incident, initially disclosed by the affected vendor on June 11, involved more than 1.6 million records, a vast majority of which including names, addresses, email addresses, phone numbers, and some details on purchased vehicles.

However, only “less than 1,000 Mercedes-Benz customers and interested buyers” had what the German luxury carmaker described as “sensitive personal information” impacted.

This information includes self-reported credit scores, along with a small number of credit card details, dates of birth, driver license numbers, and social security numbers.

“To view the information, one would need knowledge of special software programs and tools – an Internet search would not return any information contained in these files,” Mercedes-Benz says.

The company has started notifying those whose additional information was accessible.

The information was exposed on a cloud storage platform that was likely incorrectly configured, but which has since been secured.

“It is our understanding the information was entered by customers and interested buyers on dealer and Mercedes-Benz websites between January 1, 2014 and June 19, 2017,” the company says.

Advertisement. Scroll to continue reading.

Mercedes-Benz also notes that none of its systems has been compromised as part of the incident and that it has no evidence that any of its files were maliciously misused.

Related: Volkswagen America Discloses Data Breach Impacting 3.3 Million

Related: UK Law Firm Gateley Discloses Data Breach

Related: Japanese Ministries Confirm Impact from Fujitsu Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Janet Rathod has been named VP and CISO at Johns Hopkins University.

Barbara Larson has joined SentinelOne as Chief Financial Officer.

Amy Howland has been named Partner and CISO at Guidehouse.

More People On The Move

Expert Insights