Stellantis has disclosed a data breach involving a third-party service provider supporting its North American customer service operations, marking the latest cyber incident to hit the global automotive sector.
In a statement issued Sunday, the automaker, whose brands include Chrysler, Jeep, Ram, Dodge, Fiat, and Peugeot, confirmed unauthorized access to a vendor platform. The breach exposed customer contact information, though the company stressed that no financial or highly sensitive personal data had been compromised. “Upon discovery, we immediately activated our incident response protocols and are directly informing affected customers,” the company said, adding that production has not been impacted.
The third-party vendor has not been identified, and Stellantis has yet to disclose the number of affected customers. Law enforcement has been notified, and the company is continuing its investigation. Customers are being cautioned to remain vigilant against potential phishing attempts linked to the data exposure, according to Reuters.
The incident adds to a growing series of cyberattacks targeting automakers and their supply chains, underscoring the industry’s vulnerability as it becomes increasingly reliant on connected services and digital infrastructure.
Earlier this month, Jaguar Land Rover (JLR) reported a severe cybersecurity breach that disrupted retail and production operations. The company’s UK and international factories remain shut down, with activity not expected to resume until at least September 24. The attack has caused widespread outages in order processing, payment systems, parts availability, and internal communications. Automotive News also reported that JLR had lost track of nearly 40,000 new vehicles pending delivery.
The disruption has cascaded across JLR’s supply chain, leading to supplier delays and temporary layoffs, while labor unions have urged government action. Though the company has not confirmed the source of the attack, the ransomware group Scattered Lapsus$ Hunters has claimed responsibility.
Cybersecurity experts warn that supply chain attacks, where adversaries exploit vulnerabilities among vendors or partners to infiltrate larger corporate networks, are becoming increasingly frequent and difficult to contain. Stellantis customers now face potential phishing threats, while JLR continues to grapple with the operational fallout of its ongoing shutdown.
UPCOMING | BMW iX5 Hydrogen SUV to Launch in 2028 with New Fuel Cell Tech
