In today’s world, cybersecurity is very critical because of some security threats and cyber-attacks. But suppose any company fails to do so. In that case, even a firm as big as Mercedes-Benz can inadvertently leak consumer information.
Recently, a salesperson informed Mercedes-Benz that sensitive personal data on cloud storage had been inadvertently made available to less than 1000 Mercedes-Benz customers and prospective buyers. No Mercedes-Benz system was compromised, and no files were maliciously misused, according to the company.
A seller has carelessly pushed the cloud-stored knowledge of luxury car consumers and prospective buyers for over three years. On an ongoing inquiry, this confirmation was made in cooperation with the seller. The issue was discovered through an external safety researcher’s effort. Mercedes-Benz initiated an investigation to determine the accessibility of around 1.6 million unique records. There were also a few records with the following information:
The company has already started contacting the less than 1,000 people whose extra personal information was made public. It’s offering two years of free credit monitoring to the customers and buyers whose information was found in the disclosed data.
Mercedes Benz USA stated on 24 June that confidential information was made accessible on a cloud storage network for over 1000 customers and prospective buyers.
It is believed that the information was entered between 01 January 2014 and 19 June 2017 by customers and interested buyers on the Mercedes-Benz websites. As a result of this incident, no Mercedes-Benz systems have been accessed, and there is no evidence of fraud in any Mercedes-Benz data at this time.
One credit company stated that users were inadvertently shown other users’ account info, including details about credit card accounts and balances.
Mercedes-Benz inadvertently revealed the private data of some of its customers. Contents reportedly included customers’ social security numbers, self-reported credit scores, driver licenses, addresses, and credit card details. The good thing is that the number of involved people was alleged to have capped somewhere around one thousand at the time of this writing. But the bad news is that it wasn’t like having your e-mail or your phone number getting out there. However, the affected ones will be given a free two-year subscription to a credit monitoring service.
Nowadays, it is not uncommon for a modern automobile to come with an associated phone app. These apps link to your car and allow you to locate it, lock or unlock it, and start or stop the engine remotely.
Big companies like Mercedez-Benz should create software to protect data, software that will safeguard customers’ data. Organizations can secure consumer data in real-time with a comprehensive solution that proactively checks for threats and risks.
The company must leverage multi-faceted and robust cybersecurity platforms that include cloud security posture management (CSPM), data loss prevention (DLP), multi-factor authentication (MFA), and user and entity behavior analytics (UEBA). Secure access service edge (SASE) platforms deliver end-to-end protection for data in sanctioned cloud resources and are crucial in any zero-trust framework.
Rogue Logics provides in-depth security services for the assessment and protection of your application, data, and infrastructure against potential threats on-prem or in the cloud.
Want a consultation with the professionals at Rogue Logics, contact us and get a free quote.