Porsche the German Luxury and sports car maker admitted on Tuesday that personal information of over 28,700 Porsche customers from Japan was compromised due to a cyber attack launched in January and February of this year.
Cybersecurity Insiders has learned that the info was leaked to hackers from the luxury automaker’s Japanese unit between January 22 and February 12th of this year, resulting in email addresses of 24k customers being stolen.
The high-performance automobile maker claims that the email addresses which were leaked belong to those who requested for catalogs from its website between 2000 to 2009. Furthermore, the leaked data also comprises of 5,568 email addresses of people who signed up for a Porsche promotion campaign in July 2015.
A spokesperson from Porsche’s Japanese unit said that details such as customer names, home addresses, contact numbers, annual salaries and the number and types of cars they own weren’t compromised.
Usually, luxury automobile makers collect personal details of a person such as his/her occupation, yearly earnings, bank statement and the list of the current fleet of vehicles which they own, before handing over the keys of a new vehicle built by their engineers.
Benz, Audi, Porsche, Toyota (for Prado), Bentley, BMW, Lexus, used to follow these rules until the year 2012. However, from the past few years, some vehicle manufacturers have exempted some country users from handing over their earning details. But Porsche is still said to be following the old protocol of checking the bank balance of its prospective customers before handing them the keys to a new model from its automobile stable.
So, if in case, the servers of Porsche’s Japanese segment could have been compromised, then all the above said details could have reached the customers.
The company apologized for the cyber attack incident and assured that it will take all necessary steps to avoid such incidents in future.
Note- The incident was discovered when security experts from Porsche AG’s German segment conducted a review of their ITs security infrastructure. They immediately alerted the contractor who handles Porsche users’ personal data from Japan who later confirmed about a possible security breach between Jan and Feb of 2018.