Mercedes-Benz vendor data breach leaks sensitive customer information

The company says fewer than 1,000 customers are affected, but info compromised may include Social Security and credit card numbers.

Sean Szymkowski
It all started with Gran Turismo. From those early PlayStation days, Sean was drawn to anything with four wheels. Prior to joining the Roadshow team, he was a freelance contributor for Motor Authority, The Car Connection and Green Car Reports. As for what's in the garage, Sean owns a 2016 Chevrolet SS, and yes, it has Holden badges.
Sean Szymkowski
Enlarge Image

Affected customers will receive a free subscription to a credit monitoring service.

Antuan Goodwin/Roadshow

Mercedes-Benz USA on Thursday disclosed a data breach within one of its vendors that leaked customers' and potential buyers' sensitive and personal information. In total, the company said fewer than 1,000 customers are affected by the breach. According to the announcement, the information comes from customers who entered various personal details on Mercedes-Benz websites between Jan. 1, 2014 and June 19, 2017.

The information remained stored on a vendor's cloud storage platform and was "inadvertently made accessible." The vendor promptly fixed the security fault after an external security researcher made the discovery.

Customers and potential customers from the affected time period may have had their driver's license numbers, Social Security numbers and credit card information leaked. Additionally, self-reported credit scores and dates of birth are all part of the data breach. Mercedes-Benz said, however, "one would need knowledge of special software programs and tools" to gain access to the actual data. "An internet search would not return any information contained in these files." The vast majority of the info leaked is customers' names, addresses, email addresses and phone numbers.

Any affected individual who did have more sensitive information breached, such as a Social Security number or credit card info, will be given a complimentary 24-month subscription to a credit monitoring service. The company said it already began reaching out to those affected by the breach and will notify the appropriate government agencies.

2022 Mercedes-Benz EQS Edition One is a flashy, techy electric flagship

See all photos