Overview

• The compromised third-party supports Stellantis’ North American customer service operations, according to the company.
• Stellantis says only contact details — names and email addresses — were accessed, with no financial or sensitive personal data involved.
• The automaker activated incident response protocols, notified authorities, and is directly informing affected customers.
• Stellantis has not identified the vendor, disclosed the number of people impacted, or detailed the attack method as the investigation continues.
• The disclosure comes as the industry contends with separate cyberattacks, including Jaguar Land Rover’s ongoing outage that has kept factories closed through at least September 24.