Hackers compromised some online accounts of General Motors customers in April, potentially accessing addresses, phone numbers and other personal information, according to a data breach notice filed with California regulators.
In a letter to affected customers, GM said it identified suspicious login attempts to an unspecified number of accounts between April 11 and April 29. The intrusions allowed hackers in some cases to redeem gift cards using reward points.
It was unclear how many accounts were affected, although the California Attorney General’s Office reported that nearly 5,000 breach letters were sent to state residents. Social Security numbers and driver’s license details weren’t compromised, the company said.
GM told customers that hackers didn’t obtain passwords from GM’s systems but rather pilfered them from other websites where customers might reuse their login credentials. The company recommended its customers reset their passwords and use unique credentials for each website.
A GM spokesperson didn’t immediately respond to a request for comment from Bloomberg News. The breach was previously reported by cybernews.com.