Stellantis, the automaker behind Chrysler, Fiat, Jeep, Dodge, Ram, and several other brands, has confirmed a data breach that compromised customer information.
In a statement released Sunday, the company said the incident stemmed from a breach at a third-party service provider supporting its North American customer service operations. Stellantis disclosed that customer “contact information” was taken but did not provide details on the exact types of data exposed or the number of affected individuals.
Bleeping Computer reports that the breach is linked to a hack of Stellantis’ Salesforce database, with the hacker group ShinyHunters claiming responsibility. The group allegedly stole 18 million customer records from the automaker’s database.
Stellantis declined to confirm the scale of the breach but said it is in the process of notifying affected customers. “We are working with our provider to investigate the matter and have taken steps to enhance the security of our systems,” spokesperson Kaileen Connelly said.
This incident places Stellantis among a growing list of companies targeted in recent cyberattacks tied to Salesforce platforms. High-profile victims include Cloudflare, Google, and Proofpoint, all of which reported data theft from Salesforce-related breaches.
Related: Oura Ring Maker Raising $875M at $11B Valuation, Report Says
With millions of records potentially exposed, cybersecurity experts warn that affected customers could face phishing attempts and other fraud risks. Stellantis has not yet confirmed whether credit monitoring or additional protections will be offered to impacted individuals.
