Renault and Dacia Suffer User Data Leak
Customers of Renault and Dacia in the United Kingdom have been notified that their personal information has been compromised following a data breach at a third-party contractor.
The French automaker—whose Dacia brand operates as a subsidiary—employs over 170,000 people and produces around 2.2 million vehicles annually. According to the company, the incident affected only customers of its UK operations. Renault emphasized that its own systems were not breached, and the issue originated from an external partner.
“We regret to inform you that one of our partners has been subjected to a cyberattack, as a result of which personal data of some Renault UK customers was stolen from their system,” the company said in a notice to affected users.
What Data Was Exposed
The compromised information reportedly includes:
- Full name
- Gender
- Phone number
- Email address
- Postal address
- Vehicle VIN code
- License plate number
While no banking or financial data was exposed, this combination of personal and vehicle information could be exploited in phishing, fraud, or social engineering campaigns.
Company and Regulatory Response
Renault stated that the affected contractor has contained the breach and removed the threat from its systems. The company has also notified UK regulators, including the Information Commissioner’s Office (ICO), about the incident.
Customers have been urged to remain cautious, avoid responding to suspicious emails or calls, and never share passwords or sensitive information with unverified sources.
Summary
Although Renault’s internal systems remain secure, the incident highlights the ongoing risk posed by third-party vendors in the automotive supply chain. As automakers increasingly rely on digital platforms for customer engagement and service management, ensuring the security of partner ecosystems remains as vital as protecting core IT infrastructure.
