Global Automaker's Customer Data Stolen in Widespread Third-Party Breach

A major automotive manufacturer has confirmed a data breach after attackers compromised a third-party service provider used for customer service operations. The breach resulted in the theft of customer contact information, though the company stated no financial or other sensitive data was exposed. This incident is part of a massive data theft campaign by an extortion group that has targeted hundreds of companies by exploiting their Salesforce environments. The attackers reportedly used stolen authentication tokens from a third-party chat integration to exfiltrate over a billion records from numerous high-profile organizations. The automaker is notifying affected customers and has advised them to be cautious of potential phishing attempts.