Stellantis data breach overview:
- Who: Stellantis has disclosed a data breach affecting its North American customers.
- Why: Customer contact information was stolen from a third-party service provider’s platform.
- Where: The data breach affects customers in North America.
Automotive giant Stellantis has announced a data breach that compromised the contact information of its North American customers through a third-party service provider’s platform.
Stellantis owns 14 auto brands, including Chrysler, Dodge, Fiat, Jeep, Maserati and Ram.
The breach was reported on Sept. 23, 2025, and Stellantis has since activated its incident response protocols to address the issue.
The breach involved a third-party service provider that supports Stellantis’ North American operations. The automaker has clarified that the compromised data was limited to contact information, and no financial or sensitive personal information was accessed.
Stellantis has not disclosed the specific type of contact information that was compromised but has urged customers to be cautious of potential phishing attacks.
“Importantly, the affected platform does not store financial or sensitive personal information, and none was accessed,” the automaker stated. The company is directly notifying affected individuals and has taken steps to contain and mitigate the situation.
Stellantis urges vigilance against phishing after data breach
Stellantis has emphasized the importance of customer vigilance following the data breach. The automaker has advised customers to be wary of unsolicited communications that may contain suspicious links or requests for personal information.
“We encourage customers to remain vigilant against potential phishing attempts and avoid clicking on suspicious links or sharing personal information in response to unexpected emails, texts or calls,” the data breach notice advises.
The breach is believed to be part of a larger campaign by the ShinyHunters extortion group, which targeted third-party integrations and tokens across enterprise systems.
Stellantis has not confirmed the identity of the third-party platform involved but has taken immediate action to address the breach.
The company is actively working to resolve the issue and has notified the appropriate authorities. Customers are encouraged to contact Stellantis directly through official channels if they have any questions or need to verify communications.
For further assistance, customers can reach out to Stellantis’ customer service at 1 (800) 334-9200 or via email at [email protected] or [email protected].
Stellantis says it has not received any reports of identity theft or financial loss related to the breach so far. The company is not currently facing legal action over the breach, but Top Class Actions follows data breaches closely as they sometimes lead to class action lawsuits.
Recently, fashion giant Kering and associated brands Gucci, Balenciaga and McQueen were hit by a massive data breach linked to the ShinyHunters group.
Are you affected by the Stellantis data breach? Let us know in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
- Class action alleges Canada Dry misleads consumers about product origin
- Bait-and-switch? Washington Nationals sued for advertising fake ticket prices in new class action lawsuit
- Aetna class action lawsuit alleging LGBTQ+ infertility discrimination survives dismissal
- Capital One class action settlement draws fire from 18 state attorneys general, deemed ‘inadequate’
