Mercedes-Benz USA Exposes Personal Data of 1.6 Million Customers

Tu Phan
Author

Tu Phan

On June 24th, luxury car brand Mercedes-Benz USA joins the growing list of companies who have fallen victim to yet another data breach. This announcement comes the latest in a line of high-profile data leaks across the automotive industry, exposing how vulnerable customer personal information can be without a vigilant and proactive security solution in place to protect sensitive data at every turn. 

According to Mercedes-Benz USA, up to 1.6 million customers were affected, but fewer than 1,000 customers had more of their personal information exposed, such as dates of birth, social security, driver’s license and phone numbers, all of which make identity theft a very real and grave possibility. 

This information was stored on a third-party vendor’s cloud storage platform and was “inadvertently made accessible.” Though an “internet search would not return any information contained in these files,” Mercedes-Benz reported that “one would need knowledge of special software programs and tools” to access the data. 

This data breach is another example of how vulnerable data becomes as it travels throughout its many lifecycle stages from creation to misuse to archival. While the details of the breach aren’t fully available, we can infer that sensitive data was stored in a cloud data store like an AWS S3 bucket, and the bucket was misconfigured and left open to the public. It’s important for companies to implement comprehensive data security measures across their own infrastructure (and their vendor’s) that include regular scans of data store misconfigurations. 

With Dasera, companies can not only automatically scan for misconfigured data stores they can also protect their entire data lifecycle and secure their sensitive data from cradle to grave. 

 

Dasera

Dasera helps cloud-first organizations secure data that traditional tools like access control and DLP aren’t designed to address. The platform manages data sprawl, monitors data in-use, and discovers misconfiguration and permission errors. Only Dasera secures the entire cloud data lifecycle - from creation to archival. Named among the 10 Hottest Cloud Security Startups Of 2021 by CRN, Dasera was co-founded by serial-entrepreneurs Ani Chaudhuri and Noah Johnson and is backed by Sierra Ventures, One Way Ventures, Saama Capital, Sand Hill Angels, and others.


To learn more, visit www.dasera.com or contact us at info@dasera.com

You May also Like: