Volkswagen AG’s US unit said a knowledge breach at a vendor impacted quite 3.3 million customers and prospective buyers in North America.
Nearly all those impacted were current or potential customers of Audi, one among the German automaker’s luxury brands.
Volkswagen Group of America said on Friday an unauthorized third party obtained limited personal information about customers and interested buyers from a vendor that its Audi Volkswagen brands and a few US and Canadian dealers used for digital sales and marketing.
The information was gathered for sales and marketing between 2014 and 2019 and was in an electronic file the seller left unsecured.
The company told regulators the overwhelming majority of consumers only had phone numbers and email addresses potentially impacted by the info breach. In some cases, data also includes information of a few vehicles purchased, leased, or inquired about.
VW said 90,000 Audi customers and prospective buyers had sensitive data impacted concerning purchase or lease eligibility. VW said it’ll offer free credit protection services to those individuals.
The sensitive data was composed of driver licence numbers in additional than 95 percent of cases. A little number of records included additional data like dates of birth, Social Security numbers, and account numbers.
The automaker doesn’t believe sensitive information is involved in Canada.
More than 3.1 million people affected are within the US.
VW believes the info was obtained at some point between August 2019 and should have this year, when the automaker identified the source of the incident.