If you are alive and pay taxes, you have probably had personal information stolen in a data breach. It’s simply an unavoidable facet of living in the modern age, even if you take every precaution. Stellantis customers are among the latest victims of the phenomenon, as the automaker announced on Sunday (great day to share concerning news, guys) that a nefarious actor had gained “unauthorized access to a third-party service provider’s platform that supports [its] North American customer service operations.” What makes this particular instance so worrying, though, is how that data is being used to supercharge phishing attacks.
According to Stellantis, the data taken was “limited to contact information,” and did not include financial or sensitive personal info. IT security site BleepingComputer reported that the ShinyHunters extortion group claimed responsibility for the attack, one of many recent efforts targeting businesses that use Salesforce. The thieves said they made off with 18 million records, including names and contact details, from Stellantis’ Salesforce account.
Read Article