Stellantis customer data breach: Difference between revisions

(8 intermediate revisions by 4 users not shown)

Line 9:

}}

[[Stellantis]] customer data was exposed in a breach through a third-party platform on September 21, 2025. The hackers accessed contact information of customers in North America.

==Background==

Line 17:

Line 16:

On September 21, 2025, Stellantis North America reported the data breach on their website.<ref name=":0">{{Cite web |date=2025-09-21 |title=Third-Party Platform Data Incident |url=https://media.stellantisnorthamerica.com/newsrelease.do?id=27079 |url-status=live |archive-url=https://web.archive.org/web/20250923153055/https://media.stellantisnorthamerica.com/newsrelease.do?id=27079 |archive-date=2025-09-23 |access-date=2025-09-28 |website=Stellantis North America}}</ref> They stated that the data was limited to contact information and that the breach did not involve any financial or sensitive personal information. They did not include an estimate of impacted customers. Bleeping Computer reported that extortion group ShinyHunters took credit for the breach, stating that they stole over 18 million Salesforce records pertaining to contact information.<ref name=":1">{{Cite web |last=Gatlan |first=Sergiu |date=2025-09-22 |title=Automaker giant Stellantis confirms data breach after Salesforce hack |url=https://www.bleepingcomputer.com/news/security/automaker-giant-stellantis-confirms-data-breach-after-salesforce-hack/ |url-status=live |archive-url=https://web.archive.org/web/20250924065416/https://www.bleepingcomputer.com/news/security/automaker-giant-stellantis-confirms-data-breach-after-salesforce-hack/ |archive-date=2025-09-24 |access-date=2025-09-28 |website=Bleeping Computer}}</ref>

===Stellantis' response===

===Stellantis's response===

In their initial report, Stellantis North America remarked on their response to the incident:<ref name=":0" />

Line 23:

Line 22:

==Consumer response==

Some consumers reacted to the news of the data breach in the context of the broader conversations around privacy concerns in the automotive industry and the proposed REPAIR Act (H.R. 906) legislation in the United States. Online comments from consumers include criticism towards Stellantis for characterizing [[Right to repair]] as a security vulnerability while failing to keep their customers' contact info secure, expressions of gratitude for owning vehicles from the early 2000's and older that don't collect consumer data to begin with, and statements of distrust in Stellantis and a lack of surprise at the incident.<ref>{{Cite news |last=Knutsson |first=Kurt |date=2025-10-07 |title=Jeep and Chrysler parent Stellantis confirms data breach |url=https://www.foxnews.com/tech/jeep-chrysler-parent-stellantis-confirms-data-breach |url-status=live |archive-url=https://web.archive.org/web/20251007162047/https://www.foxnews.com/tech/jeep-chrysler-parent-stellantis-confirms-data-breach |archive-date=7 Oct 2025 |access-date=2025-10-15 |work=Fox News}}</ref> <ref>{{Cite web |date=2025-09-22 |title=Automaker giant Stellantis confirms data breach after Salesforce hack |url=https://www.reddit.com/r/cybersecurity/comments/1nnz4b0/automaker_giant_stellantis_confirms_data_breach/ |url-status=live |archive-url=https://web.archive.org/web/20260222230643/https://old.reddit.com/r/cybersecurity/comments/1nnz4b0/automaker_giant_stellantis_confirms_data_breach/ |archive-date=22 Feb 2026|access-date=2025-10-15 |website=Reddit}}</ref><ref>{{Cite web |date=2025-09-26 |title=Stellantis suffers data breach during campaign against independent repair |url=https://www.reddit.com/r/cars/comments/1nrgpsz/stellantis_suffers_data_breach_during_campaign/ |url-status=live |archive-url=https://web.archive.org/web/20260222230709/https://old.reddit.com/r/cars/comments/1nrgpsz/stellantis_suffers_data_breach_during_campaign/ |archive-date=22 Feb 2026|access-date=2025-10-15 |website=Reddit}}</ref>

==See also==

*[[Ticketmaster Entertainment, LLC]] ShinyHunters data breach

*[[Ticketmaster Entertainment, LLC]] - ShinyHunters data breach

*[[Volkswagen car-location data-exposure incident]]

Line 32:

Line 31:

[[Category:Stellantis]]

[[Category:Data breaches]]

@@ Line 9: / Line 9: @@
 }}
 [[Stellantis]] customer data was exposed in a breach through a third-party platform on September 21, 2025. The hackers accessed contact information of customers in North America.
 ==Background==
@@ Line 17: / Line 16: @@
 On September 21, 2025, Stellantis North America reported the data breach on their website.<ref name=":0">{{Cite web |date=2025-09-21 |title=Third-Party Platform Data Incident |url=https://media.stellantisnorthamerica.com/newsrelease.do?id=27079 |url-status=live |archive-url=https://web.archive.org/web/20250923153055/https://media.stellantisnorthamerica.com/newsrelease.do?id=27079 |archive-date=2025-09-23 |access-date=2025-09-28 |website=Stellantis North America}}</ref> They stated that the data was limited to contact information and that the breach did not involve any financial or sensitive personal information. They did not include an estimate of impacted customers. Bleeping Computer reported that extortion group ShinyHunters took credit for the breach, stating that they stole over 18 million Salesforce records pertaining to contact information.<ref name=":1">{{Cite web |last=Gatlan |first=Sergiu |date=2025-09-22 |title=Automaker giant Stellantis confirms data breach after Salesforce hack |url=https://www.bleepingcomputer.com/news/security/automaker-giant-stellantis-confirms-data-breach-after-salesforce-hack/ |url-status=live |archive-url=https://web.archive.org/web/20250924065416/https://www.bleepingcomputer.com/news/security/automaker-giant-stellantis-confirms-data-breach-after-salesforce-hack/ |archive-date=2025-09-24 |access-date=2025-09-28 |website=Bleeping Computer}}</ref>
-===Stellantis' response===
+===Stellantis's response===
 In their initial report, Stellantis North America remarked on their response to the incident:<ref name=":0" />
@@ Line 23: / Line 22: @@
 ==Consumer response==
-{{Ph-I-ConR}}
+Some consumers reacted to the news of the data breach in the context of the broader conversations around privacy concerns in the automotive industry and the proposed REPAIR Act (H.R. 906) legislation in the United States. Online comments from consumers include criticism towards Stellantis for characterizing [[Right to repair]] as a security vulnerability while failing to keep their customers' contact info secure, expressions of gratitude for owning vehicles from the early 2000's and older that don't collect consumer data to begin with, and statements of distrust in Stellantis and a lack of surprise at the incident.<ref>{{Cite news |last=Knutsson |first=Kurt |date=2025-10-07 |title=Jeep and Chrysler parent Stellantis confirms data breach |url=https://www.foxnews.com/tech/jeep-chrysler-parent-stellantis-confirms-data-breach |url-status=live |archive-url=https://web.archive.org/web/20251007162047/https://www.foxnews.com/tech/jeep-chrysler-parent-stellantis-confirms-data-breach |archive-date=7 Oct 2025 |access-date=2025-10-15 |work=Fox News}}</ref> <ref>{{Cite web |date=2025-09-22 |title=Automaker giant Stellantis confirms data breach after Salesforce hack |url=https://www.reddit.com/r/cybersecurity/comments/1nnz4b0/automaker_giant_stellantis_confirms_data_breach/ |url-status=live |archive-url=https://web.archive.org/web/20260222230643/https://old.reddit.com/r/cybersecurity/comments/1nnz4b0/automaker_giant_stellantis_confirms_data_breach/ |archive-date=22 Feb 2026|access-date=2025-10-15 |website=Reddit}}</ref><ref>{{Cite web |date=2025-09-26 |title=Stellantis suffers data breach during campaign against independent repair |url=https://www.reddit.com/r/cars/comments/1nrgpsz/stellantis_suffers_data_breach_during_campaign/ |url-status=live |archive-url=https://web.archive.org/web/20260222230709/https://old.reddit.com/r/cars/comments/1nrgpsz/stellantis_suffers_data_breach_during_campaign/ |archive-date=22 Feb 2026|access-date=2025-10-15 |website=Reddit}}</ref>
 ==See also==
-*[[Ticketmaster Entertainment, LLC]] ShinyHunters data breach
+*[[Ticketmaster Entertainment, LLC]] - ShinyHunters data breach
 *[[Volkswagen car-location data-exposure incident]]
@@ Line 32: / Line 31: @@
 {{reflist}}
 [[Category:Stellantis]]
+[[Category:Data breaches]]