Another day, another data breach news surfacing the internet. This time for Mercedes-Benz USA, who unintentionally leaked the personal information of at least 1,000 customers and potential buyers on June 24. The data breach affecting customer data stored with the company between January 2014 and June 2017. Customers’ credit scores, driver’s license, and social security numbers, and credit card information were accidentally made publicly available on the cloud storage platform by the luxury carmaker. The carmaker stated, however, that none of the personal data was misused or compromised.
A Mercedes-Benz vendor informed the company on June 11th that the personal information of a few customers had been exposed thanks to an improperly secured cloud storage configuration. While the German car brand and luxury vehicle manufacturer has acknowledged a data breach affecting certain customers and potential buyers. The investigation was conducted, according to the Manufacturer, to analyze the accessibility of roughly 1.6 million unique records.
Mercedes has offered customers who were affected by the data breach a two-year complimentary subscription to a credit monitoring service, assuring them that their credit card information, driver’s license number, and Social Security number were not compromised and that no files were accessed. To misuse the breached data a person will require a high level of knowledge, according to the company, of specific software and tools. Although no data were found at risk for a casual internet search.
Mercedes-Benz’s source code for their components “smart car” reportedly leaked online with a similar breach in May. The matter came in the news after a Swiss-based software developer found a Daimler AG Git web portal, where he was able to create an account on the code-hosting portal and accessed more than 580 Git repositories including the source code for the Mercedes OLU unit.
Last week another Germany-based automaker, Volkswagen also revealed that a data breach had affected roughly 3.3 million Volkswagen and its premium automobile subsidiary Audi customers for over two years. Millions of Americans’ and Canadians’ personal data, including phone numbers, email addresses, postal mailing addresses, vehicle identification numbers, and drivers’ license numbers, were allegedly accessible online, according to the carmaker. The company nonetheless blamed an outside entity for the huge infringement that this ‘unnamed’ company retrieved the data “for marketing purposes” and eventually left it on an unsecured server.
In the end, all data breaches lead to improved privacy practices. Staying ahead of hackers and leaks is a continuous threat for automakers and other companies storing their users’ crucial data.