Volkswagen Group of America has been sending out data breach notices to customers since June 11 about an incident that left millions of drivers’ information vulnerable to scammers, TechCrunch reported. The customers affected are being contacted by the manufacturer, but they believe the information that was stolen was “gathered for sales and marketing purposes from 2014 to 2019,” according to the notice.ae0fcc31ae342fd3a1346ebb1f342fcb Both Volkswagen customers and prospective buyers had information exposed as a result of this security breach, which the company is pinning on an unnamed vendor. Though most of the information was emails, phone numbers, names, and addresses, more than 90,000 potential buyers in the U.S. had more sensitive information stolen, including driver’s license numbers (95 percent of the sensitive information fell under this category), but also birth dates and Social Security numbers in a handful of instances, too. “We have also informed the appropriate authorities, including law enforcement and regulators, and are working with external cybersecurity experts and the vendor to assess and respond to this situation,” a Volkswagen spokesperson told TechCrunch, via a crisis communications firm. RELATED: If You Have One of These 2 Popular Cars, Don’t Park in the Garage. Nearly all of those affected by the breach were Audi customers, one of Volkswagen’s luxury brands. (Volkswagen also owns Bentley, Bugatti, Lamborghini, Porsche, and other high-end brands.) “Based on our analysis to date, we believe that the vast majority of the information relates to Audi customers and interested buyers in the United States,” the company said in a statement to Automotive News. Of the 3.3 million customers whose information was affected, the company says 3.1 million were Audi customers or those interested in Audis who provided their information. “We regret any inconvenience this may cause our current or potential customers,” the company said in their statement to Automotive News. As a result of the data breach, Volkswagen and Audi are urging customers to “please remain alert for suspicious emails or other communications that might ask for more information about you or your vehicle.” Specifically, they’re warning customers to be on the lookout for:
Spam emails or other communication requesting sensitive personal information. “We will never request sensitive personal information (such as credit card numbers, Social Security numbers, or passwords) through email or telephone communications,” the company cautions. Links or attachments from unsolicited third parties. “Unsolicited emails could contain computer viruses or other types of computer malware,” they warn.
RELATED: For more up-to-date information, sign up for our daily newsletter. As a result of the data breach, Volkswagen is working with consumer privacy platform IDX to provide customers with free credit protection services. “IDX identity protection services include: 24 months of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed identity theft recovery services should that occur,” Volkswagen told customers in the notice. Volkswagen and Audi customers can enroll or ask questions by calling 833-406-2408 or going to the IDX website. “We encourage anyone whose sensitive personal information was impacted to take advantage of the free credit protection services being offered (i.e., anyone who is notified that the following information was impacted: driver’s license number; date of birth; Social Security or social insurance number; account or loan number; or tax identification number),” the IDX website reads. The deadline to enroll is September 11, 2021. The company suggests affected drivers “remain vigilant by reviewing account statements and monitoring credit reports.” They also recommend getting a free copy of your credit report from one of the three major credit reporting companies—Equifax, Experian, or TransUnion—which you’re entitled to every 12 months. To request one, go to www.annualcreditreport.com or call 1-877-322-8228. If you’re concerned you’ve been affected by the data breach, you can also place fraud alerts or a security freeze on your credit files.