Stellantis, the multinational automotive company behind brands such as Chrysler, Fiat, Jeep, Dodge, and Ram, has confirmed that a security breach has exposed customers’ personal information.

In an official statement released on Sunday, Stellantis reported that the incident involved a third-party service provider’s platform used to support its North American customer service operations. While the company confirmed that contact information was accessed, Stellantis spokesperson Kaileen Connelly did not specify the exact types of data involved or the number of affected customers.

Reports from Bleeping Computer suggest that the breach is linked to a compromise of Stellantis’ Salesforce database, with the hacker group ShinyHunters claiming responsibility. According to the reports, the attackers allegedly stole 18 million customer records from the database.

This breach adds Stellantis to a growing list of high-profile companies, including Cloudflare, Google, and Proofpoint, that have experienced data theft linked to Salesforce vulnerabilities, such as those affecting Salesloft and Drift.

The incident highlights the ongoing risk posed by third-party service providers and the critical importance of securing customer data across cloud-based platforms, particularly for companies handling sensitive personal information on a large scale.

Source: https://techcrunch.com/2025/09/22/automaker-giant-stellantis-says-customers-personal-data-stolen-during-breach