Stellantis data breach: customer contact info exposed in North America

Stellantis confirmed a breach via a third-party service, exposing only contact data of North American customers. Financial details and sensitive records remain secure.

Stellantis has confirmed a data breach linked to a third-party service provider supporting its North American customer operations. Hackers gained access to basic contact details, including names, addresses, phone numbers, and emails. The company stressed that financial data, passwords, Social Security numbers, and government IDs were not compromised.

Immediately after detecting the incident, Stellantis activated its response protocols, contained the threat, launched an internal investigation with cybersecurity experts, and notified regulators in the United States and Canada. However, the automaker has not disclosed how many customers were affected, nor the timeframe of the breach. The identity of the third-party provider also remains undisclosed.

While the investigation is ongoing, Stellantis is urging customers to stay cautious. Official advice includes being alert to suspicious messages, avoiding unknown links, and using only verified company channels.

This breach comes amid other challenges for the automaker. Just recently, Stellantis recalled 53,849 Alfa Romeo Giulia and Stelvio models in the United States due to a fuel pump defect that could cause sudden power loss. At the same time, industry reports highlight a sharp rise in cyber incidents across the automotive sector, with large-scale attacks becoming increasingly common.

The broader context includes a major cyberattack on Jaguar Land Rover earlier this month, which forced nearly three weeks of halted production at its UK plants and brought significant financial losses. Against this backdrop, even a limited breach like the one at Stellantis underscores the growing vulnerability of digital systems in the global car industry.