Alleged Mercedes-Benz customer data listed for sale on cybercrime marketplace

Mercedes-Benz, the German luxury automotive manufacturer, may have become the latest target in a growing wave of cyberattacks affecting the global automotive industry after a threat actor listed an alleged customer dataset for sale on an underground cybercrime marketplace.

The listing claims to contain approximately 130,000 customer and vehicle records in Excel and CSV file formats. The seller alleges the dataset includes customer names, addresses, city and postcode information, mobile phone numbers, email addresses, vehicle numbers, Mercedes vehicle identification details, registration records, MOT due dates, last service dates, and order or quote status information.

Ten sample records were publicly shared alongside the listing. The exposed information includes full names, UK-format phone numbers, UK postcodes, vehicle models, registration numbers, and Ministry of Transport test due dates. The nature of the records suggests the data may be connected to a Mercedes-Benz dealership or business operation in the United Kingdom.

Mercedes-Benz had not publicly confirmed the authenticity of the dataset at the time of publication.

Cybersecurity experts warn that exposed vehicle information can be exploited in a range of criminal schemes extending beyond conventional identity fraud. One of the most concerning threats involves vehicle identification number cloning, where criminals use legitimate VIN data from registered vehicles to disguise stolen cars and resell them using counterfeit documentation.

Leaked ownership and registration records can also support the creation of fraudulent registration papers and vehicle titles used in online marketplace scams. Attackers may additionally use detailed customer information to launch targeted phishing campaigns disguised as maintenance reminders, recall notices, or financing communications tailored to a victim’s exact vehicle model and service history.

Luxury vehicle owners may face elevated physical security risks as well. Data linking high-end vehicles to residential addresses could enable organized theft operations targeting premium models such as Mercedes-Benz AMG or S-Class vehicles.

The automotive industry has experienced a sustained increase in cybersecurity incidents over the past year. The 2025 Upstream automotive cybersecurity report found that cyber incidents increased by 38%, while 60% of recorded incidents had the potential to impact thousands or millions of connected vehicles. Data and privacy breaches accounted for 59% of the reported cybersecurity events.