Stellantis & the Larger Salesforce Breach

Overview

Automotive giant Stellantis—maker of Jeep, Chrysler, Dodge, Fiat, and other brands—has confirmed a data breach affecting customers in North America. Hackers accessed a third-party platform used by Stellantis—Salesforce—and stole customer contact details such as names, phone numbers, emails, and mailing addresses.

Stellantis says financial information and highly sensitive personal identifiers were not part of the exposed platform. Even so, stolen contact data can fuel scams and impersonation attempts. The incident links to a broader 2025 campaign targeting Salesforce environments across multiple industries.

How It Happened

This wasn’t a direct break-in to Stellantis’s own servers. Attackers focused on Salesforce, a cloud service used by many companies to manage customer relationships. The group widely linked to these attacks—often referred to as ShinyHunters—leaned on social engineering.

A key tactic here is phone-based social engineering, also known as vishing. In simple terms, criminals call employees while pretending to be trusted IT staff, then nudge them to approve a connection or app that quietly grants access to customer records stored in Salesforce. Once the door is open, large data exports become possible.

Why third parties matter: When a vendor platform like Salesforce is compromised, many companies that rely on it can be affected all at once.

Who Else Was Affected

The Stellantis breach sits within a wider wave of Salesforce-related incidents in 2025. Public reports have linked the campaign to a range of brands:

  • Adidas — Consumer contact details from customer-service interactions.
  • Google — Business contact data from a Salesforce instance used for small/medium-business outreach.
  • LVMH brands (Louis Vuitton, Dior, Tiffany & Co.) — Customer contact info and client-care records.
  • Chanel — Client-care database entries with personal and service details.
  • Pandora — Customer profiles and contact data.
  • Qantas Airways — Passenger contact records via CRM.
  • Air France / KLM — Customer contact and loyalty-program details.
  • Allianz Life — U.S. customer records from a Salesforce-connected system.

Details vary by company, but most have emphasized that payment card data and passwords were not part of what was taken.

Risks

Even without banking details, exposed contact information is valuable to scammers. It helps them look legitimate when they reach out, and it can be combined with older leaks to build convincing profiles. The most common follow-on problems include:

  • Phishing emails & fake texts about recalls, warranties, deliveries, or payments.
  • Impersonation phone calls from fraudsters posing as customer support, insurers, or dealerships.
  • “Triangulation” of identity by mixing data from multiple breaches to bypass simple security checks.

Recommendations

You don’t need to be a tech expert to lower your risk. A few careful habits go a long way:

  • Be skeptical of surprises. If you get an unexpected message about your car, flight, or policy, don’t click links—go to the official website or call the known support number.
  • Turn on two-factor authentication (2FA). Enable it for email, financial accounts, and any services tied to your purchases or travel.
  • Watch your inbox and statements. Look for unusual activity or requests for “verification” of personal details.
  • Learn the red flags of phone scams. Review a short guide on vishing so you can spot manipulative tactics quickly.
  • Follow official updates. Companies may share more specifics as investigations progress.