Automobile manufacturer Skoda has disclosed a data breach impacting the personal information of its online shop’s users.
The incident, the company says, was discovered as part of its technical security monitoring and was the result of a vulnerability in the portal’s software.
Immediately after learning of the cyberattack, the car maker took the shop offline, patched the exploited vulnerability, reviewed existing security mechanisms, and retained external forensics experts to help with the investigation. It also notified the relevant authorities.
The hackers, it explains, exploited the bug to access the shop system and accessed data processed through it, including customer names, addresses, email addresses, phone numbers, order details, and information on user accounts.
According to Skoda, password hashes were also accessed as part of the breach, but no credit card data was compromised, as these details are processed exclusively through payment service providers and not stored on its systems.
The car maker says that the protocols it has in place make it impossible to determine if and to what extent data was exfiltrated from its servers. The company has yet to disclose how many individuals were potentially affected.
Skoda says it has no evidence that the potentially compromised data might have been misused, but tells users to remain vigilant for phishing messages and unauthorized account logins.
The company also recommends that users change their passwords, especially if used with multiple accounts across different services, and refrain from disclosing personal information or clicking on links in communication that refers to their relationship with Skoda.
Established in 1896 in the Czech Republic, Skoda has been a wholly owned subsidiary of Volkswagen Group since 2000. Skoda cars are sold in over 100 countries.
Related: AI Firm Braintrust Prompts API Key Rotation After Data Breach
Related: Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats
Related: Vimeo Confirms User and Customer Data Breach
Related: Luxury Cosmetics Giant Rituals Discloses Data Breach
