British drivers data surfaces on hacker market, Mercedes questions dataset's legitimacy

Published: 25 May 2026
Last updated: 27 May 2026
mercedes benz allegedly hit by hackers

Mercedes-Benz, the globally renowned German luxury automotive brand, may be the latest victim in a string of attacks against the automotive sector. At least that's what hackers claim. The company's representatives call the data "unreliable."

Cybercriminals are increasingly targeting major automotive manufacturers, putting car owners at high risk of fraud and even the physical theft of a luxury vehicle.

Global giants are not immune to the current wave of cyberattacks. A threat actor has just listed a dataset allegedly linked to Mercedes for sale.

ADVERTISEMENT

In 2025, the Mercedes-Benz Group generated over €132 billion in revenue. During that same calendar year, the group delivered over 2 million passenger cars and vans to customers worldwide.

The post appeared on a well-known underground marketplace, claiming to contain 130,000 customer and vehicle data records in Excel/CVS format.

In the post, the attacker claims that the dataset contains:

  • Customer names
  • Address information
  • City/Postcodes
  • Mobile numbers
  • Email addresses
  • Vehicle number
  • Mercedes Vehicle Number
  • Mercedes Vehicle Model
  • Registration number
  • Registration date
  • MOT due date
  • Last service date
  • Order and quote status

The threat actor posted 10 sample records to back up their claims. Cybernews researchers have checked the listing and can confirm that the dataset includes:

  • Full names
  • Testing emails
  • UK phone numbers
  • UK postcodes
  • Car models
  • Registration numbers in UK format
  • Due date for the Ministry of Transport (MOT) test

If legitimate, such data suggests it may belong to the Mercedes-Benz branch or dealership in the UK.

From fraud to car theft, cybercrime is putting car owners at risk

ADVERTISEMENT

The data leak introduces multiple risks, as vehicle ownership intelligence has become one of the most valuable commodities in cybercrime markets.

Data such as VIN numbers, vehicle models, purchase dates, and registration records can be weaponized far beyond ordinary fraud.

One scheme involves VIN cloning, in which criminals steal a legitimate VIN from a legally registered vehicle and attach it to a stolen car of the same make and model.

This allows the stolen vehicle to be resold with counterfeit documentation. Law enforcement agencies have repeatedly flagged VIN swapping as a rapidly escalating fraud trend.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

The risks extend beyond stolen cars. Criminals can also use legitimate VIN and ownership data to generate fake registration papers and titles for online marketplace scams.

Attackers can also exploit vehicle ownership data in highly targeted phishing campaigns, sending fake maintenance alerts, recall notices, or financing updates.

Leaked personal data makes phishing more convincing, as it may reference the victim’s exact car model, lease details, or service schedules in order to redirect them to fraudulent payment portals.

For luxury brands such as Mercedes-Benz, the risks can become physical as well as digital. Knowing that a high-end vehicle like a Mercedes S-Class or AMG GT is registered to a specific address may enable targeted theft operations, allowing criminals to identify affluent owners and locate valuable vehicles with precision.

Mercedes UK says the data is linked to previous breaches and "unreliable"

ADVERTISEMENT

Cybernews has reached out to Mercedes UK for comment, and the company has confirmed that it is aware of the claims on the hacker forum.

"Based on our assessment, it is linked to a previously known incident involving an external UK dealership, which was thoroughly investigated at the time," the company's spokesperson said.

According to the company, the dataset advertised on a hacker forum has been "altered" and is not reliable. “There is no indication of any current breach of Mercedes-Benz systems or any new risk to customers. Protecting customer data and maintaining robust cybersecurity standards remain top priorities for Mercedes-Benz,” the company added.

Hackers focus on the automotive sector

The 2025 Upstream automotive cybersecurity report noted that cyber incidents surged by 38%, with 60% of incidents capable of affecting thousands to millions of connected vehicles. Data and privacy breaches accounted for 59% of the cybersecurity incidents.

Many car brands have suffered data breaches, making 2025 a not-so-easy year for the industry. In March, hackers leaked Jaguar Land Rover's source code. JLR confirmed that data was stolen in the cyberattack, which disrupted factory operations for weeks and forced staff to stay home.

In April, car rental giant Hertz suffered a major breach after the Cl0p group exploited zero-day vulnerabilities, stealing drivers' licenses and other sensitive data.

In September, the Everest ransomware group claimed BMW as a victim. In November, a customer data breach affected Hyundai's IT services arm, Hyundai AutoEver America.

In the same month, a hacker claimed to have breached Credera, a consultancy firm, and reportedly stole data related to major clients, including Mercedes-Benz.

Updated on May 27th [14:00 p.m. GMT+2] with a statement from Mercedes-Benz UK.

ADVERTISEMENT

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked