Stellantis data breach: Part of hack on 760 companies

Automotive giant Stellantis has confirmed a significant data breach that exposed North American customer contact information after a third-party service provider was compromised, part of a wider attack on Salesforce systems.

Details of the Stellantis Data Breach

The incident occurred when attackers infiltrated a platform used for customer services in North America. Stellantis stated that the compromised information was limited to contact details.

The company assured customers that sensitive data such as social security numbers, payment details, and health records were not affected.

Stellantis, formed in 2021 from the merger of PSA Group and Fiat Chrysler Automobiles, has not disclosed the exact number of affected individuals. It has also not revealed which specific contact fields were exposed.

ShinyHunters Claims Responsibility for Hack

The notorious hacking group ShinyHunters is believed to be behind the attack as part of a large-scale extortion campaign. The group claims to have stolen over 18 million records from the automaker’s Salesforce instance.

This incident is part of the wider ShinyHunters Salesforce hack, a campaign that has reportedly compromised over 1.5 billion records from approximately 760 companies. Other major Salesforce clients, including Google, Allianz, and Dior, have also reported similar intrusions.

A Wider Salesforce CRM Security Vulnerability

The breach highlights a growing trend of attacks targeting cloud-based customer relationship management (CRM) systems. The FBI recently issued a Flash alert warning organizations about a Salesforce CRM security vulnerability.

Attackers often exploit OAuth tokens tied to third-party integrations to gain unauthorized access to Salesforce environments. This method allows them to exfiltrate large volumes of customer data from targeted companies.

Company Launches Investigation and Response

In response to the incident, Stellantis activated its incident response protocols and contained the breach. The company has launched a full investigation and notified the relevant authorities.

Stellantis has also begun alerting affected customers directly. The automaker, which owns brands like Jeep and Maserati, is warning individuals to be vigilant against potential phishing attempts and not to click on suspicious links.

What to Do After the Stellantis Breach

Experts recommend several steps for those impacted by data breaches. Individuals should be skeptical of any unsolicited messages claiming to be from Stellantis and should use comprehensive antivirus software.

It is also advised to use a strong password manager, enable two-factor authentication (2FA) on all accounts, and consider using an identity theft protection service. Auditing online accounts for any suspicious activity is another critical step for security.
