The data of around three million Audi and Volkswagen customers were publicly available – including some more sensitive data. Due to a breakdown at a business partner, data from more than three million Audi or Volkswagen customers in the USA and Canada were disclosed to the public.
According to a CNET report, the data leak occurred at an external marketing company that works with the group.
The stolen data includes telephone numbers, e-mail addresses, and postal addresses, in some cases also social security numbers, vehicle identification numbers, VW or Audi customer numbers, dates of birth, or creditworthiness. Volkswagen did not provide any more precise information on how the data leak came about.
In a letter to customers that Techcrunch has received, it is said that the data came from the years 2014 to 2019 and was available unprotected via the Internet between August 2019 and May 2021. It should also affect people who have only been informed about the purchase of a vehicle.
There is no evidence in the letter that the data was misused. VW did not mention the name of the service provider.