Stellantis, the multinational automaker behind Chrysler, Dodge, Jeep, Peugeot, and a dozen other brands, has confirmed that customer information was compromised in a recent cyber incident. The company stated that the intrusion originated from unauthorized access to a third-party provider that supports its North American customer service systems.
Stellantis confirmed that the breach affected only customer contact information and did not involve financial or highly sensitive information. The company stated that it promptly isolated the compromised system, activated its incident response teams, and has begun notifying both regulators and the individuals whose data was exposed.
While Stellantis has not named the breached platform, the ShinyHunters group claims to have obtained over 18 million records from the company’s Salesforce environment, including names and contact details. Security researchers have linked this attack to a broader campaign in which the group has been targeting Salesforce customers by exploiting stolen OAuth tokens associated with Salesloft’s Drift AI integration.
The same operation has already swept up a long list of global companies, ranging from Google, Cisco, and Adidas to luxury houses under the LVMH banner. ShinyHunters claims to have siphoned off as many as 1.5 billion records across 760 organizations, making it one of the largest ongoing theft campaigns aimed at enterprise SaaS platforms.
The FBI has issued a warning that in a number of recent data breaches, some victims later received extortion demands threatening to leak stolen data. To reduce exposure, officials advised organizations to strengthen authentication processes, monitor API and network traffic more carefully, and place stricter limits on third-party connections.
Although Stellantis claims that only basic customer contact information was exposed, the breach highlights how popular cloud platforms, such as Salesforce, along with other trusted third-party services, are increasingly being targeted for extensive data theft. Stellantis urges those contacted regarding the incident to confirm any requests or notifications using official customer service channels to avoid phishing attempts.