Owners of Ram, Jeep, and Dodge Vehicles Vulnerable to Scams Following Recent Data Breach

      Artur Widak/NurPhoto via Getty Images

      The most significant automotive news and reviews, no nonsense

      Our complimentary daily newsletter delivers the essential stories directly to you every weekday.

      If you're a person who pays taxes, chances are you've had some personal information compromised in a data breach. It's an unfortunate reality of living in the digital age, regardless of the precautions you take. Stellantis customers are the latest to fall victim to this issue, with the automaker announcing on Sunday (not the best day to reveal troubling news) that an unauthorized individual had obtained “access to a third-party service provider’s platform that supports [its] North American customer service operations.” What makes this case particularly alarming is the way the acquired data is being utilized to enhance phishing scams.

      Stellantis stated that the information taken was "limited to contact details" and did not consist of financial or sensitive personal data. IT security website BleepingComputer reported that the ShinyHunters extortion group claimed responsibility for the breach, which is one of several recent incidents targeting companies that utilize Salesforce. The attackers claimed to have stolen 18 million records, including names and contact information, from Stellantis' Salesforce account.

      While stolen phone numbers and email addresses might not seem particularly severe, they can still facilitate highly damaging scams. Many are familiar with phishing schemes aimed at persuading individuals to divulge financial information or make payments, but, as noted by our colleagues at The Autopian, criminals now exploit the prevalence of leaked data available online to convince you of their authenticity. This could take the shape of a phone call from a real person or a convincing voice that tries to gain your trust by using your actual name, email, or home address before attempting to defraud you.

      I experienced a similar scam last year when I received an email with a subject line containing a password I hadn't used in about a decade. This was alarming enough to catch my attention, and upon reading the email, it demanded ransom, threatening to expose the unsavory websites I supposedly visit. It would take a lot more to access my browsing history, you scammers!

      This illustrates that phishing tactics are becoming increasingly sophisticated. For this reason, Stellantis advises “customers to stay vigilant against potential phishing attempts and to avoid clicking on suspicious links or sharing personal information in response to unexpected emails, texts, or calls.” If you wish to confirm whether Stellantis is legitimately requesting payment—something they likely wouldn't do without prior communication—it's best to contact them through official channels. Given the current climate, this is generally wise advice for any unsolicited caller.

      Have a tip? Reach out to us at [email protected]