Stellantis, the automotive conglomerate that owns brands such as Chrysler, Fiat, Jeep, Dodge, Ram, and more, has acknowledged a security incident that exposed customers’ private details.
In a statement released on Sunday, Stellantis revealed that a breach occurred on a “third-party service provider’s platform that assists our customer support operations in North America.”
The company indicated that “contact information” was compromised, but Kaileen Connelly, a Stellantis spokesperson, declined to specify to TechCrunch exactly which categories of customer information were involved in the incident. She also would not disclose how many individuals were being informed about the exposure of their data.
According to Bleeping Computer, the breach is tied to an intrusion into Stellantis’ Salesforce database, referencing claims made by the ShinyHunters hacking group, who have taken responsibility for the attack.
Reports suggest the attackers managed to extract 18 million customer records from the compromised database.
Stellantis now joins numerous other organizations—including Cloudflare, Google, and Proofpoint—that have suffered data theft in a recent security incident affecting Salesloft Drift, as well as many companies whose Salesforce data was previously compromised.
This article has been updated to include Stellantis’ response.
