fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Mercedes-Benz Data Breach Exposes SSNs, Credit Card Numbers

Mercedes-Benz Data Breach Exposes SSNs, Credit Card Numbers

Mercedes-Benz USA has just disclosed a data breach impacting some of its customers.

The company assessed 1.6 million customer records which included customer names, addresses, emails, phone numbers, and some purchased vehicle information to determine the impact.

It appears the data breach exposed credit card information, social security numbers, and driver license numbers of under 1,000 Mercedes-Benz customers and potential buyers.

Data breach impact disclosed after auditing 1.6 million records

Yesterday, German automotive brand and luxury vehicle company, Mercedez-Benz disclosed a data breach impacting some customers and potential buyers.

On June 11th, a Mercedes-Benz vendor informed the company that the personal information of select customers was exposed due to an insufficiently secured cloud storage instance.

Also Read: Compliance Course Singapore: Spotlight on the 3 Offerings

According to the company, the breach affects some customers and potential vehicle buyers who had entered sensitive information on Mercedez-Benz company and dealer websites between 2014 and 2017:

“It is our understanding the information was entered by customers and interested buyers on dealer and Mercedes-Benz websites between January 1, 2014 and June 19, 2017.”

“No Mercedes-Benz system was compromised as a result of this incident, and at this time, we have no evidence that any Mercedes-Benz files were maliciously misused.”

“Data security is a serious matter for MBUSA. Our vendor confirmed that the issue is corrected and that such an event cannot be replicated.”

“We will continue our investigation to ensure that this situation is properly addressed,”  said Mercedes-Benz in a press release.

The vendor who notified Mercedez-Benz of the data breach states that the exposed information included:

  • Self-reported customer credit scores
  • Driver license numbers
  • Social Security Numbers (SSNs)
  • Credit card numbers
  • Dates of Birth

However, the company has stated that this information would not have been searchable on or indexed by a typical search engine.

“To view the information, one would need knowledge of special software programs and tools – an Internet search would not return any information contained in these files,” says Mercedes-Benz.

The company released this data breach statement after reviewing almost 1.6 million unique customer records, which included name, address, emails, phone numbers, and some purchased vehicle information.

But, upon the completion of the investigation, it was determined that under 1,000 customers have had their “additional” personal information exposed via publicly accessible cloud storage solution. 

Mercedes-Benz USA says that it is in the process of contacting the affected individuals about this incident whose additional information was accessible.

“Any individual who had credit card information, a driver’s license number or a social security number included in the data will be offered complimentary 24-month subscription to a credit monitoring service. We will also notify the appropriate government agencies,” says the vehicle company.

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

Because the company mentions only under 1,000 customers had their additional information exposed, after auditing 1.6 million customer records, it is not clear exactly how many customers were affected by this incident.

BleepingComputer has reached out to Mercedes-Benz/Daimler AG with additional questions and we are awaiting their response.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us