A Mercedes-Benz data breach exposed sensitive information owned by their customers. 1.6 million customer records were audited and the breach was found to affect fewer than 1,000 customers.
The information in the breach included drivers license numbers, social security numbers, self-reported customer credit scores, credit card numbers, and dates of birth. The German automaker disclosed the breach and says that their systems were not compromised.
They also said that the files were not misused and that they would not be searchable via search engines. They also added that most of the data leaked comprised self-reported credit scores, and few of the other bits of information were more sensitive such as drivers license and social security numbers.
According to the press release, the data was exposed due to an inadequately secured cloud storage platform. Breaches due to improperly secured cloud platforms have been common in recent years, and I hope that Mercedes-Benz is putting their best efforts into avoiding the usage of such platforms if they aren’t necessary.
Customers who had highly sensitive details such as their social security and credit card numbers leaked will be offered a complimentary 24-months of credit monitoring. The data leaked was from customers (and interested shoppers) that used Mercedes-Benz’s and its dealers websites between January 1, 2014, and Jun 19, 2017.