Skip to content
Supply chainContained

Data leak at Suzuki

Suzuki France disclosed that a cyberattack on one of its third-party partner systems exposed a customer file containing names, email addresses, postal addresses and phone numbers; no financial data or passwords were affected.

Victim
Suzuki

On 20 November 2025, Suzuki — the French arm of the Japanese vehicle manufacturer — disclosed that one of its third-party partners had suffered a cyberattack that exposed a file of Suzuki France customer data. The compromise originated in the partner's information system rather than Suzuki's own infrastructure.

The exposed file contained contact details only. According to Suzuki France's statement, no financial information and no passwords were present in the affected data.

Categories of data exposed:

  • Title, first name and last name
  • Email address
  • Postal address
  • Phone number

Suzuki France said it secured the data, reinforced its security measures, carried out a technical analysis of the incident and notified the French data protection authority (CNIL). The exact number of customers affected was not disclosed.

Sources

  1. suzuki.frhttps://www.suzuki.fr/securite-donnees-personnelles
  2. bonjourlafuite.eu.orghttps://bonjourlafuite.eu.org/#Suzuki-2025-11-20

Related incidents

Supply chainContained

Leak at Air France

In August 2025, Air France-KLM disclosed that attackers accessed customer data — names, contact details, Flying Blue loyalty numbers and status, and customer-service request subjects — via a compromised third-party customer-service platform.

Victim
Air France
Supply chainResolved

Leak at Hertz

On 15 April 2025, car-rental company Hertz disclosed a data breach stemming from the late-2024 zero-day exploitation of Cleo's file-transfer software by the CL0P group, exposing customer names, contact details, dates of birth, driver's licences, credit-card and passport data.

Victim
Hertz