Mercedes-Benz data breach exposes SSNs, credit card numbers


Level 85
Thread author
Top poster
Content Creator
Malware Hunter
Aug 17, 2014
Yesterday, German automotive brand and luxury vehicle company, Mercedez-Benz disclosed a data breach impacting some customers and potential buyers.

On June 11th, a Mercedes-Benz vendor informed the company that the personal information of select customers was exposed due to an insufficiently secured cloud storage instance.

According to the company, the breach affects some customers and potential vehicle buyers who had entered sensitive information on Mercedez-Benz company and dealer websites between 2014 and 2017:

"It is our understanding the information was entered by customers and interested buyers on dealer and Mercedes-Benz websites between January 1, 2014 and June 19, 2017."
"No Mercedes-Benz system was compromised as a result of this incident, and at this time, we have no evidence that any Mercedes-Benz files were maliciously misused."
"Data security is a serious matter for MBUSA. Our vendor confirmed that the issue is corrected and that such an event cannot be replicated."
"We will continue our investigation to ensure that this situation is properly addressed," said Mercedes-Benz in a press release.

The vendor who notified Mercedez-Benz of the data breach states that the exposed information included:
  • Self-reported customer credit scores
  • Driver license numbers
  • Social Security Numbers (SSNs)
  • Credit card numbers
  • Dates of Birth
However, the company has stated that this information would not have been searchable on or indexed by a typical search engine.
"To view the information, one would need knowledge of special software programs and tools - an Internet search would not return any information contained in these files," says Mercedes-Benz.

The company released this data breach statement after reviewing almost 1.6 million unique customer records, which included name, address, emails, phone numbers, and some purchased vehicle information.