June 14, 2021

According to information provided by the California and Maine attorney general’s offices, the Volkswagen Group of America (VWGoA), a North American subsidiary of the German Volkswagen Group, stated that an unauthorized person accessed unsecured data on the internet between August 2019 and May 2021.

It goes on to say that while 3.3 million users were affected, 97% were classified as Audi customers and intended buyers.

It was found that the unauthorized person may have obtained customer information for Audi, Volkswagen and some authorized dealers during the data breach.

To clarify the story, the VWGoA said in a privacy breach notice: “The data included some or all of the following contact information about you: first and last name, personal or business mailing address, email address, or phone number. In some instances, the data also included information about a vehicle purchased, leased, or inquired about, such as the Vehicle Identification Number (VIN), make, model, year, color, and trim packages. The data also included more sensitive information relating to eligibility for a purchase, loan, or lease. More than 95% of the sensitive data included was driver’s license numbers. There were also a very small number of dates of birth, Social Security or social insurance numbers, account or loan numbers, and tax identification numbers.”

For more information, read the original story in Bleeping Computer.