Stellantis data breach: Customer info exposed by third-party provider– What was compromised and who's at risk
Stellantis reported a data breach involving a third-party service provider. The company said it has activated incident response protocols and notified authorities, urging customers to be vigilant against phishing attempts amid rising cyber threats in the automotive sector.
Stellantis on Sunday reported a data breach involving a third-party service provider that supports its North American customer service operations. The company said the unauthorised access, currently under investigation, exposed only basic contact information and did not compromise financial details or sensitive personal data.
Company response and customer advisory
The Chrysler parent confirmed it has activated its incident response protocols, notified authorities and is directly informing affected customers. It also urged customers to be alert to potential phishing attempts. However, Stellantis did not disclose how many individuals were affected.
"Upon discovery, we immediately activated our incident response protocols and are directly informing affected customers," the automaker said in the statement.
Jaguar Land Rover operations severely hit
The latest incident adds to a string of recent cyberattacks targeting global automakers. Earlier in September, Jaguar Land Rover said a cybersecurity breach had “severely disrupted” its retail and production operations, forcing it to keep factories closed until 24 September.
The British carmaker said that the production at its UK plants will remain suspended until 24 September, prolonging a halt that has already lasted more than three weeks following a cyber attack. Owned by India’s Tata Motors, the company took its systems offline in early September to contain the breach, which has caused major disruption to both its manufacturing lines and retail operations.
Moreover, the automaker confirmed on Tuesday that its three UK factories, which normally turn out around 1,000 vehicles daily, will not resume work before 24 September. Thousands of its 33,000-strong workforce have been asked to stay at home during the shutdown.
“We have taken this step as our forensic investigation into the cyber incident continues, and while we plan for a phased and controlled restart of our global operations,” the company said in a statement published on its website.
It is noteworthy that the sector's growing reliance on digital platforms and external providers is increasing its exposure to cyber threats that risk disrupting operations and compromising customer data.
(With inputs from Reuters)