Jeep and Chrysler parent Stellantis confirms data breach

Automotive giant Stellantis has just revealed that it suffered a data breach, exposing its customers’ contact details, after attackers infiltrated a third-party platform used for North American customer services. The announcement comes at a time when large-scale attacks on cloud CRM systems have already shaken the tech and retail sectors alike, and Salesforce customers like Google, Allianz and Dior have reported similar intrusions. These previous incidents exposed names, emails, and phone numbers, which were enough for attackers to launch phishing campaigns or extortion attempts.

Sign up to receive my FREE CyberGuy report
Get my best tech tips, urgent security alerts, and exclusive offers delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Guide to Surviving Scams, free when you join me CyberGuy.com/Newsletter

TRANSUNION BECOMES THE LATEST VICTIM OF A MAJOR WAVE OF CYBER ATTACKS LINKED TO SALESFORCE, 4.4 MILLION AMERICANS AFFECTED

What you need to know about the Stellantis breach

Stellantis was formed in 2021 through the merger of PSA Group and Fiat Chrysler Automobiles. Today, it is among the world’s largest automakers by revenue and ranks fifth in volume globally. The company is home to 14 well-known brands, including Jeep and Dodge, as well as Peugeot, Maserati and Vauxhall, and operates manufacturing infrastructure in more than 130 countries. That global scale naturally makes it a tempting target for cyber adversaries.

In its public statement, Stellantis clarified that only contact information was taken. Since the compromised third-party platform does not host deeply sensitive financial or personal data, Stellantis claims that Social Security numbers, payment details, and medical records were out of reach of the attackers. In response, the company activated its incident response protocols, initiated a full investigation, contained the breach, notified authorities, and began alerting affected customers. It also issued warnings about phishing and urged customers not to click on suspicious links.

Stellantis has not disclosed how many customers the breach affected. The company has also not specified which contact fields, such as email, phone or address, the attackers accessed.

The alleged culprit, ShinyHunters and the Salesforce breaches

While Stellantis has not explicitly named the hacking group behind the breach, multiple sources link this incident to the ShinyHunters extortion campaign, which led a wave of data thefts targeting Salesforce this year.

ShinyHunters claims to have stolen more than 18 million records from Stellantis’ Salesforce instance, including names and contact details, according to Bleeping Computer. These attacks are part of a broader campaign targeting Salesforce customers. In recent months, ShinyHunters has often worked in collaboration with groups such as Scattered Spider and specific companies such as Google, Cisco, Adidas, Allianz Life, Qantas and LVMH brands such as Dior and Tiffany & Co.

OVER 2 BILLION USERS FACE PHISHING RISKS AFTER GOOGLE DATA LEAK

Their reported method is quite ingenious. Attackers exploit OAuth tokens tied to integrations like Salesloft’s Drift AI chat tool to break into Salesforce environments. Once inside, they can collect valuable metadata, credentials, AWS keys, Snowflake tokens, and more.

In fact, the FBI recently issued a Flash alert that revealed numerous indicators of compromise linked to these attacks on the Salesforce environment and warned organizations to beef up defenses. The number of accumulated victims is staggering. ShinyHunters claims to have stolen more than 1.5 billion Salesforce records across about 760 companies.

7 ways to protect yourself from breaches like Stellantis

Even if only contact details are exposed, that is enough for attackers to target you. Here’s how to stay protected.

1) Clean exposed personal data from the website

Even basic contact data can be extracted from breaches and sold on data broker platforms, where it is used for spam, scams, and targeted attacks. A data removal service can help track and request removal of your information from these databases, reducing your long-term exposure.

While no service can guarantee complete removal of your data from the Internet, a data deletion service is truly a smart choice. They are not cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically deleting your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to delete your personal data from the Internet. By limiting the information available, you reduce the risk of scammers cross-referencing leak data with information they can find on the dark web, making it harder for them to target you.

2) Stay alert for phishing attempts and use antivirus software

The most immediate risk after a breach like this is spear phishing. Attackers now have legitimate contact details, so your emails and text messages can look convincingly real. Be skeptical of any message that claims to be from Stellantis, your car brand, or a related service, especially if it urges you to click on a link, download an attachment, or share personal data.

The best way to protect yourself from malicious links is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best antivirus protection winners of 2025 for your Windows, Mac, Android, and iOS devices at CyberGuy.com.

3) Use a password manager to protect your accounts

If attackers get your contact information, they can try to use the same password on other sites. This is called credential stuffing. A password manager can create strong, unique passwords for each account. That way, a breach won’t put your other accounts at risk. It also helps you quickly update credentials in case you suspect a compromise.

Next, check to see if your email has been exposed in previous breaches. Our #1 pick for password manager includes a built-in breach scanner that checks to see if your email address or passwords have appeared in known breaches. If you discover a match, immediately change any reused passwords and protect those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at CyberGuy.com.

DIOR DATA BREACH EXPOSES PERSONAL INFORMATION OF US CUSTOMERS

4) Enable two-factor authentication (2FA) whenever possible

2FA adds an extra step to your logins by requiring a temporary code or approval in addition to your password. Even if attackers manage to steal your password, they will need that second factor to gain access. This significantly reduces the chances of account takeover attempts being successful.

5) Invest in identity theft protection

Attackers often combine exposed contact information with other data to create complete identity profiles. Identity theft protection services monitor suspicious activity, such as unauthorized credit applications or changes to official records, and alert you in advance so you can act before serious damage occurs. Identity theft companies can monitor personal information such as your Social Security number (SSN), phone number, and email address, and alert you if it is sold on the dark web or used to open an account. They can also help you freeze your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and best options on how to protect yourself from identity theft at CyberGuy.com.

6) Periodically review account activity

After a breach, it is worth auditing your accounts, not only with Stellantis but also with related services such as financing portals, insurance accounts or loyalty programs. Look for unusual logins, unknown devices, or changes to your personal data. Most services offer tools to review login history and security events, making checking them a routine habit.

CLICK HERE TO GET THE News APP

Kurt’s Key Takeaway

Even manufacturing giants are vulnerable when cloud platforms and third-party systems are part of their customers’ workflow. The same patterns seen in attacks on Google, LVMH and others have now reached the automotive industry in earnest. As Stellantis faces the consequences, the broader lesson is clear. Organizations should treat the surfaces exposed by their service providers and SaaS integrations with as much vigilance as their own core systems.

Do you trust companies to protect your data or do you think they are not doing enough? Let us know by writing to us at CyberGuy.com.

Sign up to receive my FREE CyberGuy report
Get my best tech tips, urgent security alerts, and exclusive offers delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Guide to Surviving Scams, free when you join me CyberGuy.com information sheet.

Copyright 2025 CyberGuy.com. All rights reserved.