Stellantis Data Breach: Customer Personal Data Stolen

Stellantis Confirms Data Breach Affecting Customer Information

Stellantis, the multinational automotive manufacturing corporation encompassing brands like Chrysler, Fiat, Jeep, Dodge, and Ram, has officially acknowledged a data security incident.

The breach involved the compromise of personal data belonging to its customers. This confirmation was made public in a statement released by Stellantis on Sunday.

Details of the Incident

According to the statement, the security incident originated from a vulnerability within the platform of a third-party service provider. This provider supports Stellantis’ North American customer service functions.

The compromised data included “contact information,” however, specific details regarding the types of customer data accessed during the breach remain undisclosed.

Stellantis spokesperson Kaileen Connelly did not respond to direct inquiries from TechCrunch concerning the precise nature of the data affected.

Furthermore, the company has not yet revealed the total number of customers being notified about the potential exposure of their information.

Link to ShinyHunters Hack

Reports from Bleeping Computer indicate a connection between the Stellantis data breach and a recent hack targeting its Salesforce database.

The hacking group known as ShinyHunters has claimed responsibility for the breach.

It is alleged that approximately 18 million customer records were illicitly obtained from the database.

Wider Trend of Salesforce-Related Breaches

Stellantis joins a growing number of organizations impacted by data breaches linked to Salesforce instances.

Other notable companies affected include Cloudflare, Google, and Proofpoint, as well as those impacted by recent breaches affecting Salesloft and Drift.

This incident highlights a broader pattern of vulnerabilities within the Salesforce ecosystem.

This article has been updated to include a response from Stellantis.