Car manufacturing titan Stellantis has disclosed the exposure of customer data after threat actors gained unauthorized access to one of the company’s third-party partners.
Stellantis is the fifth-largest automaker globally by volume, with operations in over 130 countries and ownership of 14 car brands including Chrysler, Citroën, Jeep, Peugeot, and Vauxhall.
In a statement released on Sunday, the automaker said the attack had targeted an unnamed provider that supports its North American customer service branch.
The breach exposed the contact information of Stellantis’ customers, but didn’t affect any financial or sensitive personal information, the company says.
“Upon discovery, we immediately activated our incident response protocols, initiated a comprehensive investigation, and took prompt action to contain and mitigate the situation,” the automaker said in their statement. “We are also notifying the appropriate authorities and directly informing affected customers.”
As of yet, Stellantis hasn’t revealed how many individuals were affected, though they have warned customers to be vigilant of potential phishing attacks and unsolicited communication asking them to click on links or share personal information.
While the company hasn’t provided any more information regarding the breach, the ShinyHunters extortion group claimed responsibility for it on Tuesday. In a statement to Bleeping Computer, the group alleged that the Stellantis breach is the latest in a recent wave of Salesforce breaches for which they are responsible. Reportedly, the group stole over 18 million records from Stellantis’ Salesforce instance.
The Big Picture
Stellantis’ disclosure comes shortly after a major cyberattack on the UK’s largest car manufacturer, Jaguar Land Rover (JLR), earlier this month. JLR announced this week that the current closure of its global operations, which began on August 31st, will continue until at least October 1st.
The disruptions have reportedly caused JLR to lay off workers as it struggles to get back on its feet, while UK unions are calling on the government to establish a furlough scheme to support those affected. But the fallout extends beyond just the UK: JLR has been forced to halt production in China, Slovakia, India, and Brazil, with suppliers and dealers reporting cancelled orders, delayed payments, and an inability to complete customer transactions.
Like Stellantis, JLR has not disclosed who was behind the attack. However, Scattered Spider—the ransomware group behind the high-profile attacks on Harrods, M&S, and Co-Op this summer—claimed responsibility for it before both hacking groups reportedly shut down operations earlier this month.
But with ShinyHunters claiming responsibility for the Stellantis attack and Scattered Spider doing the same for JLR, the question remains as to whether these alleged “retirements” are legitimate, or simply meant to cause a distraction while the attackers spin a wider web.