Peugeot hit by cyberattack in France with clients’ personal data stolen

Hackers who stole client data from Peugeot are understood to have said they will release the information on January 6 unless the company pays a ransom, the amount of which has not been publicly disclosed.

The cyberattack in December saw around 40GB of data, including customers’ telephone numbers, email addresses, identity documents and number plates taken from dealerships, with those in Lot-et-Garonne primarily affected.

The group behind the attack, Cicada 3301, have purportedly put the stolen data online ready to be released.

Read more: Deals available on new electric cars as France’s state bonus set to end

On December 20, Peugeot's parent company Stellantis told news website L’Informé that it was “aware of the situation”, adding that “the group's teams are currently investigating what happened.”

The theft and release of client information may have serious implications for Peugeot and Stellantis, which could face steep fines under the European General Data Protection Regulation.