Whether targeted for their own data, or as a backdoor channel to a larger partner or client, cyber thieves often set their sights on small organizations for easy access to consumer information. This month, third-party data breaches were responsible for exposing millions of customer records belonging to major automotive companies, a supermarket and a clothing retailer.
Here are the recent data breaches that made headlines in June 2021:
Volkswagen & Audi
A third-party marketing services supplier disclosed the personal information of 3.3 million customers of Volkswagen and its Audi subsidiary. The exposed data includes their name, mailing address, email address and phone numbers. The data may also include information about a vehicle that has been purchased, leased or inquired about, including vehicle identification numbers, makes, models, years, colors and trim packages.
The personal and shipping information of over 410,000 customers of the baby clothing retailer, Carter’s, was exposed due to a third-party data breach with the company’s online purchases software. The information disclosed in the data leak includes names, email addresses, billing addresses, phone numbers, purchasing details, and shipping tracking IDs and links.
The U.S. supermarket chain, Wegmans Food Markets, notified an undisclosed number of customers that their data was exposed after two of its cloud-based databases were misconfigured and made publicly accessible online. The personal information in the databases included customer names, addresses, phone numbers, birth dates, Shoppers Club numbers, email addresses, and hashed passwords to Wegmans.com accounts.
A data leak from a third-party vendor exposed the personal information of up to 1.6 million customers of the automotive company, Mercedes-Benz. The data leak disclosed customer names, street addresses, email addresses and phone numbers and at least 1,000 customers had driver’s license numbers, Social Security numbers, credit card information and dates of birth exposed.