Some US Mercedes Customers Likely Hit With Data Breach
Do you own, or have you recently test-driven a Mercedes? If so, or if you've created an account on their website for some other purpose, be advised that the company recently disclosed that they had been hacked.
They say that the attackers made off with personal and financial information belonging to more than 1.6 million account holders.
Based on the results of the investigation thus far, the company has confirmed that the stolen data included:
- Customer Name (full names)
- Physical address
- Social Security Number
- Date of Birth
- Credit/Payment card number
- Customer phone number
- Email addresses
- And specific information relating to the vehicle that each person purchased
Additionally, the hackers made off with a small number (less than a thousand) driver's license numbers belonging to prospective buyers. That's bad, as the compromised data is more than enough for the attackers to steal the identities of those people whose data they now possess.
As is the case in a growing number of data breaches, the issue wasn't the Mercedes Benz network itself. Instead, the attackers gained access via a third party vendor vulnerability. A spokesman for Mercedes Benz said that the vendor in question had isolated the weak spot in their security and made changes so that it won't happen again.
That's small comfort, however, for the 1.6 million+ customers who now have to watch their credit reports like a hawk.
In any event, the company is in the process of contacting all those who were impacted by the breach, and as is common in these types of cases, Mercedes Benz is offering two years of free credit monitoring if your data was compromised. If you haven't heard from the company by the time you read these words, odds are excellent that you weren't impacted, but if you want to be sure, check the website "Have I Been Pwnd" just to be safe.