The US unit of Volkswagen AG said a seller’s data breach affected more than 3.3 million customers and potential buyers in North America.
Almost all of the affected were current or potential customers of Audi, one of the German automaker’s luxury brands.
Volkswagen Data Breach
Volkswagen Group of America said Friday that an unauthorized third party obtained limited personal information about customers and interested buyers from a seller that its Audi Volkswagen brand and certain US and Canadian dealers use for digital sales and marketing. .
The information was collected for sale and marketing between 2014 and 2019 and was in an electronic file that the seller had left unprotected.
The company told regulators that most customers only have phone numbers and email addresses potentially affected by the data breach. In some cases, the data also includes information about the vehicle purchased, leased or questioned.
VW said 90,000 Audi customers and potential buyers had sensitive data related to purchase or lease eligibility. VW said it would provide free credit protection services to those individuals.
The sensitive data included driver license numbers in more than 95 percent of cases. A small number of records contained additional data such as dates of birth, Social Security numbers and account numbers.
The automaker does not believe that sensitive information is included in Canada.
More than 3.1 million people are affected in the United States.
VW believes the data was received at some point between August 2019 this year and May this year, when the automaker identified the source of the incident.