Kreditkarten-Daten bei Mercedes-Benz in Datenschutzvorfall offen gelegt

Sicherheit (Pexels, allgemeine Nutzung)[English]Mercedes-Benz USA musste gerade eine Datenpanne eingestehen, die einige Kunden betrifft. Bei diesem Datenschutzvorfall wurden Kreditkarteninformationen, Sozialversicherungsnummern und Führerscheinnummern von knapp als 1.000 Mercedes-Benz Kunden und potenziellen Käufern im Zeitraum 1. Januar 2014 und 19. Juni 2017 offengelegt.


Anzeige

Details wurden in einer Pressemitteilung genannt, die ich hier mal herausziehe, da solche Texte nach einiger Zeit gelöscht werden.

Jun 24, 2021 – ATLANTA, GA

On June 11, 2021, a vendor informed Mercedes-Benz that sensitive personal information of less than 1,000 Mercedes-Benz customers and interested buyers was inadvertently made accessible on a cloud storage platform. This confirmation was part of an ongoing investigation conducted in cooperation with the vendor. The issue was uncovered through the dedicated work of an external security researcher. It is our understanding the information was entered by customers and interested buyers on dealer and Mercedes-Benz websites between January 1, 2014 and June 19, 2017. No Mercedes-Benz system was compromised as a result of this incident, and at this time, we have no evidence that any Mercedes-Benz files were maliciously misused.

Data security is a serious matter for MBUSA. Our vendor confirmed that the issue is corrected and that such an event cannot be replicated. We will continue our investigation to ensure that this situation is properly addressed.

The vendor reports that the personal information for these individuals (less than 1,000) is comprised mainly of self-reported credit scores as well as a very small number of driver license numbers, social security numbers, credit card information and dates of birth. To view the information, one would need knowledge of special software programs and tools – an Internet search would not return any information contained in these files.

The investigation was initiated to assess the accessibility of approximately 1.6 million unique records. The vast majority of these records included information such as name, address, emails, phone numbers, and some purchased vehicle information.  However, MBUSA would like to stress that a review of the total data entry record set determined that less than 1,000 individual Mercedes-Benz customers and interested buyers had additional personal information in a publicly accessible state. Mercedes-Benz USA has already begun notifying individuals, whose additional information was accessible, about this incident. Any individual who had credit card information, a driver' s license number or a social security number included in the data will be offered complimentary 24-month subscription to a credit monitoring service. We will also notify the appropriate government agencies.

Any individuals who have questions or concerns about this incident should contact the Mercedes-Benz Customer Assistance Center at 1-800-367-6372.

Erst in der 12. Juni 2021 mussten Audio/VW einen Datenschutzvorfall in den USA eingestehen, bei dem zwischen August 2019 und Mai 2021 3,3 Millionen Kundendaten betroffen waren – die Kollegen von Bleeping Computer hatten darüber berichtet. (via)


Cookies blockieren entzieht uns die Finanzierung: Cookie-Einstellungen

Dieser Beitrag wurde unter Sicherheit abgelegt und mit verschlagwortet. Setze ein Lesezeichen auf den Permalink.

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

Hinweis: Bitte beachtet die Regeln zum Kommentieren im Blog (Erstkommentare und Verlinktes landet in der Moderation, gebe ich alle paar Stunden frei, SEO-Posts/SPAM lösche ich rigoros). Kommentare abseits des Themas bitte unter Diskussion.