Stellantis Customer Data Breach: Difference between revisions

From Consumer Rights Wiki
MC (talk | contribs)
filling in initial info
MC (talk | contribs)
added company response and background sections
Line 10: Line 10:


==Customer Data Breach==
==Customer Data Breach==
On September 21, 2025, Stellantis reported the data breach on their website<ref>{{Cite web |title=Third-Party Platform Data Incident |url=https://media.stellantisnorthamerica.com/newsrelease.do?id=27079}}</ref>. They did not reveal how many customers were impacted. The Entrepreneur reported that hacker group ShinyHunters took credit for the breach, claiming to have stolen over 18 million Salesforce records<ref>{{Cite web |last=Shibu |first=Sherin |title=A Data Breach Reportedly Affecting 18 Million Customers Hits Jeep, Chrysler, and Dodge Parent Company |url=https://www.entrepreneur.com/business-news/stellantis-data-breach-affects-millions-of-car-buyers/497439}}</ref>.  
On September 21, 2025, Stellantis North America reported the data breach on their website<ref name=":0">{{Cite web |title=Third-Party Platform Data Incident |url=https://media.stellantisnorthamerica.com/newsrelease.do?id=27079}}</ref>. They did not reveal how many customers were impacted, only that the data was limited to contact information and that the breach did not involve any financial or sensitive personal information. Bleeping Computer reported that extortion group ShinyHunters took credit for the breach, claiming to have stolen over 18 million Salesforce records pertaining to contact information<ref name=":1">{{Cite web |last=Gatlan |first=Sergiu |date=2025-09-22 |title=Automaker giant Stellantis confirms data breach after Salesforce hack |url=https://www.bleepingcomputer.com/news/security/automaker-giant-stellantis-confirms-data-breach-after-salesforce-hack/ |website=Bleeping Computer}}</ref>.
 
==Company Response==
In their initial report, Stellantis North America remarked on their response to the incident<ref name=":0" />:
 
<blockquote> Upon discovery, we immediately activated our incident response protocols, initiated a comprehensive investigation, and took prompt action to contain and mitigate the situation. We are also notifying the appropriate authorities and directly informing affected customers. </blockquote>
 
==Background==
The ShinyHunters group accessed Stellantis data as part of a larger effort targeted at Salesforce, which included data stolen from many other large companies in 2025, such as Google, Cisco, and Workday<ref name=":1" />. They did not reveal to Bleeping Computer the method used to gain access in this incident, however, their recent tactics in similar attacks included social engineering<ref>{{Cite web |last=Toulas |first=Bill |title=Google: Hackers target Salesforce accounts in data extortion attacks |url=https://www.bleepingcomputer.com/news/security/google-hackers-target-salesforce-accounts-in-data-extortion-attacks/ |website=Bleeping Computer}}</ref> and stolen OAuth tokens that allowed access through the Salesloft Drift AI chat integration with Salesforce<ref>{{Cite web |last=Abrams |first=Lawrence |title=Google warns Salesloft breach impacted some Workspace accounts |url=https://www.bleepingcomputer.com/news/security/google-warns-salesloft-breach-impacted-some-workspace-accounts/ |website=Bleeping Computer}}</ref>.


==References==
==References==
{{reflist}}
{{reflist}}
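
Review bot: The new Background sentence "The ShinyHunters group accessed Stellantis data" states as fact what the Customer Data Breach paragraph attributes only as the group's own claim ("took credit for the breach, claiming to have stolen"); word it as reported by Bleeping Computer so the two sections agree. In the same section, the Toulas and Abrams citations carry no date while the Gatlan citation has date=2025-09-22, which leaves "recent tactics" unanchored in time, and "in this incident, however, their recent tactics" is a comma splice that reads better with a semicolon before "however".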

Revision as of 20:54, 29 September 2025

Article Status Notice: This Article is a stub


This article is underdeveloped, and needs additional work to meet the wiki's Content Guidelines and be in line with our Mission Statement for comprehensive coverage of consumer protection issues.


Stellantis customer data was exposed in a breach through a third-party platform on September 21, 2025. The hackers accessed contact information of customers in North America.

Customer Data Breach

On September 21, 2025, Stellantis North America reported the data breach on their website[1]. They did not reveal how many customers were impacted, only that the data was limited to contact information and that the breach did not involve any financial or sensitive personal information. Bleeping Computer reported that extortion group ShinyHunters took credit for the breach, claiming to have stolen over 18 million Salesforce records pertaining to contact information[2].

Company Response

In their initial report, Stellantis North America remarked on their response to the incident[1]:

Upon discovery, we immediately activated our incident response protocols, initiated a comprehensive investigation, and took prompt action to contain and mitigate the situation. We are also notifying the appropriate authorities and directly informing affected customers.

Background

The ShinyHunters group accessed Stellantis data as part of a larger effort targeted at Salesforce, which included data stolen from many other large companies in 2025, such as Google, Cisco, and Workday[2]. They did not reveal to Bleeping Computer the method used to gain access in this incident; however, their recent tactics in similar attacks included social engineering[3] and stolen OAuth tokens that allowed access through the Salesloft Drift AI chat integration with Salesforce[4].

References

  1. "Third-Party Platform Data Incident".
  2. Gatlan, Sergiu (2025-09-22). "Automaker giant Stellantis confirms data breach after Salesforce hack". Bleeping Computer.
  3. Toulas, Bill. "Google: Hackers target Salesforce accounts in data extortion attacks". Bleeping Computer.
  4. Abrams, Lawrence. "Google warns Salesloft breach impacted some Workspace accounts". Bleeping Computer.