Stellantis Confirms Major Data Breach Involving Customer Contact Information

Automotive giant Stellantis has confirmed a major data breach, exposing customer contact details, after attackers breached a third-party platform used for North American customer services. The incident has sparked concern, as it is part of a growing pattern of large-scale breaches targeting cloud-based customer relationship management (CRM) systems. Companies such as Google, Cisco, and Adidas have also fallen victim to similar attacks this year, raising alarms about the security of cloud platforms.

Stellantis, formed in 2021 through the merger of PSA Group and Fiat Chrysler Automobiles (FCA), ranks among the world’s largest automakers by revenue. The company operates in over 130 countries and houses 14 well-known brands, including Jeep and Dodge, as well as Peugeot, Maserati, and Vauxhall. The global scale of its operations makes it a prime target for cyber adversaries.

In its official statement, Stellantis clarified that only contact information was compromised, with the company affirming that sensitive data such as Social Security numbers, payment details, and health records were not accessed. In response, the company has activated its incident response protocols, initiated a full investigation, contained the breach, and begun notifying authorities and affected customers. The company has also issued warnings to customers to remain cautious about phishing attempts and to avoid clicking suspicious links.

Stellantis has not yet disclosed the exact number of affected customers or the specific contact fields that were accessed, such as email, phone, or address information. However, cybersecurity analysts suggest that the breach is likely linked to the extortion campaign run by ShinyHunters, a group that has been implicated in a wave of data thefts targeting Salesforce systems. According to BleepingComputer, ShinyHunters has claimed to have stolen over 18 million records from Stellantis’ Salesforce instance, including names and contact details.

These attacks are part of a broader trend targeting cloud-based systems. The FBI recently issued a Flash alert highlighting the increasing frequency of such breaches and cautioned organizations to strengthen their defenses. ShinyHunters is reported to have stolen over 1.5 billion records from more than 760 companies, including major corporations like Google, Cisco, Adidas, and Allianz Life, as well as high-profile brands under LVMH such as Dior and Tiffany & Co.

Attackers have been exploiting OAuth tokens linked to integrations such as Salesloft’s Drift AI chat tool to access Salesforce environments. Once within these environments, they can extract vast repositories of data, including credentials, AWS keys, and Snowflake tokens. This sophisticated method highlights the growing threat to even the most established companies, as their reliance on cloud-based systems can create vulnerabilities that malicious actors exploit.
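Because the stolen CRM data is mined for credentials, AWS keys, and Snowflake tokens, a practical defensive step is to find secrets that staff or customers have pasted into CRM free-text fields so they can be rotated and removed. The sketch below is an added example, not code from Stellantis, Salesforce, or the FBI alert; the record layout, rule names, and entropy threshold are assumptions, and the sample records are constructed (the AWS key ID is the placeholder value used in AWS documentation).

```python
import math
import re

# Constructed sample: free-text fields as they might appear in a CRM case export.
SAMPLE_RECORDS = [
    {"id": "case-001", "text": "Customer asked about delivery date for Jeep order."},
    {"id": "case-002", "text": "Temp creds for support: AKIAIOSFODNN7EXAMPLE / see vault"},
    {"id": "case-003", "text": "snowflake token=Zx9qLm27TvRb4KpWc81YdNe5HsUa03Gf for ETL job"},
    {"id": "case-004", "text": "password: hunter2-Prod! shared by customer in chat"},
    {"id": "case-005", "text": "Looks like a key prefix but is too short: AKIA1234"},
    {"id": "case-006", "text": "api_key=aaaaaaaaaaaaaaaaaaaaaaaaaaaa (template placeholder)"},
]

def shannon_entropy(s):
    """Bits per character; random tokens score high, words and padding low."""
    counts = {c: s.count(c) for c in set(s)}
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

# (kind, regex with one capture group, minimum entropy of the captured value)
RULES = [
    ("aws_access_key_id", re.compile(r"\b((?:AKIA|ASIA)[0-9A-Z]{16})\b"), 0.0),
    ("password", re.compile(r"(?i)\b(?:password|passwd|pwd)\s*[:=]\s*(\S+)"), 0.0),
    # Heuristic (assumption): a keyword followed by a long, random-looking value.
    ("keyword_token",
     re.compile(r"(?i)\b(?:token|secret|api[_-]?key)\s*[:=]\s*([\w.\-]{20,})"), 3.5),
]

def redact(value):
    """Never copy the secret itself into a report; keep a short prefix and length."""
    return f"{value[:4]}...({len(value)} chars)"

def find_secrets(records):
    """Return (record id, rule kind, redacted value) for every likely secret."""
    findings = []
    for rec in records:
        for kind, rx, min_entropy in RULES:
            for m in rx.finditer(rec["text"]):
                value = m.group(1)
                if shannon_entropy(value) >= min_entropy:
                    findings.append((rec["id"], kind, redact(value)))
    return findings

if __name__ == "__main__":
    for finding in find_secrets(SAMPLE_RECORDS):
        print(finding)
```

Every hit should be treated as exposed: rotate the credential at its issuer first, then scrub the record.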

The breach at Stellantis underscores the importance of proactive cybersecurity measures. Customers are advised to monitor their accounts for unusual activity and to remain vigilant against potential phishing attempts. Cybersecurity experts emphasize that while no service can fully guarantee the removal of personal data from the internet, data removal services can significantly reduce long-term exposure by actively monitoring and systematically deleting information from hundreds of websites.

In light of the breach, consumers are encouraged to take additional steps to protect their personal information. This includes using strong, unique passwords for all accounts, employing a password manager, and enabling two-factor authentication (2FA) to add an extra layer of security. Identity theft protection services are also recommended as a means of monitoring for suspicious activity, such as unauthorized credit applications or changes to official records.

Ultimately, the incident at Stellantis highlights the broader challenge of securing digital assets in an increasingly interconnected world. As organizations continue to rely on third-party platforms and cloud-based systems, the need for comprehensive cybersecurity strategies has never been more critical. The fallout from such breaches can have far-reaching consequences, not only for the companies involved but also for consumers who may find their personal information at risk.