Mercedes-Benz

Notification of data breach incident

Advice of a customer data breach

Mercedes-Benz Sydney (MBS) advises customers that MBS has reason to suspect that a data breach has occurred resulting in unauthorised access to personal information held by MBS’s third-party software provider, Dealer Drive Australia Pty Ltd (Dealer Drive).  Dealer Drive provides a software program for recording the details of customers who take vehicles for test drives and/or have the use of a courtesy vehicle.

Nature of the Data Breach

The Australian Federal Police (AFP) recently contacted MBS to advise that that material seized from suspects during an investigation included files containing Dealer Drive held personal information relating to MBS’s customers.

The AFP believes that malicious criminal activity targeting Dealer Drive resulted in a data breach where personal information was able to be accessed and extracted.

Time of occurrence

The AFP has informed us that the offence period occurred in early 2018. However, we have not been supplied with detailed information by the AFP, nor by Dealer Drive, as to which data may have been accessed. We have made additional enquiries but can only rely on the information that these third parties have disclosed to us.

Personal information that may have been compromised

The type of personal information involved in the Dealer Drive data breach could include:

• front and back photographs of driver’s licences (depicting facial photograph, full name, address, date of birth, driver's licence number, signature)

• contact phone numbers

• email addresses

• time of test-driving vehicles

Individual action to mitigate impact

If you test drove a vehicle at MBS or had the use of a courtesy vehicle in the first three months of 2018, your personal data may be impacted. 

We therefore recommend that you monitor your consumer credit file, bank accounts and other credit accounts for any unauthorised activity and take such steps as you consider appropriate to ensure ongoing security.

Contact any or all of the following credit bureaus to obtain a current credit report to ascertain if there has been any recent unauthorised activity or unexpected adverse impact on your credit history. 

You can request a credit check for free once per year:

Illion Australia

https://www.creditcheck.illion.com.au/

1300 734 806

Experian Australia

https://www.experian.com.au/order-credit-report

1300 783 684

Equifax

https://www.equifax.com.au/personal/products

138 332

If you identify any unauthorised activity, then you should consider contacting Service NSW on 13 77 88 or via the Service NSW website to request the cancellation and re-issue of your driver’s licence (if you have not done so since March 2018). www.service.nsw.gov.au.

• If your driver's licence has been used for fraudulent activity, Service NSW may consider changing your licence number where there is a reasonable request to do so. Further information is available at: 

https://www.service.nsw.gov.au/transaction/replace-nsw-driver-licence-online

• If you have a driver's licence issued by another Government, please check with the relevant Department for their recommendations relating to your driver's licence and its potential re-issue.

Should you have any questions

Mercedes-Benz Sydney always treats even the potential of a data breach extremely seriously. In this case we are working with Dealer Drive to further investigate this matter and with the Office of the Australian Information Commissioner as part of our continuing work on the protection of customer data.

If you have any questions or concerns, please contact MBS at the following details:

Email: brenda.quach@mbsydney.com.au

Telephone: (02) 9697 7777