Mercedes-Benz USA announced on Thursday that the sensitive personal information of at least 1,000 customers and potential buyers was unintentionally made accessible on a cloud storage platform.
In a statement, the Georgia-based passenger car distributor announced the issue as part of an ongoing investigation into the inadvertent data leak.
The incident was brought to light after a vendor informed Mercedes-Benz about the exposure of private data on June 11. The issue was tracked through the work of an external security researcher in cooperation with the vendor.
According to the company, the leaked private information was entered by customers and interested buyers on the company and dealers’ websites between January 1, 2014 and June 19, 2017. The information comprised credit scores, driver’s license and social security numbers and credit card information of the customers and buyers.
“Data security is a serious matter for MBUSA,” the car distributor said in a statement. “Our vendor confirmed that the issue is corrected and that such an event cannot be replicated. We will continue our investigation to ensure that this situation is properly addressed.”
Mercedes-Benz assured that no business and operation system was compromised and no filed were maliciously misused.
“Any individual who had credit card information, a driver’s license number or a social security number included in the data will be offered [a] complimentary 24-month subscription to a credit monitoring service,” it added. “We will also notify the appropriate government agencies.”
© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.