Company Details
mercedes-benz_ag
35,360
2,246,561
3361
mercedes-benz.com
0
MER_1045021
In-progress

Mercedes-Benz AG Company CyberSecurity Posture
mercedes-benz.com"Love of invention will never end." - Carl Benz Learn more about us as we continue to pioneer the future of driving excellence. Data privacy: mb4.me/provider_privacy Mercedes-Benz AG Mercedesstraße 120 70372 Stuttgart Germany Phone: +49 7 11 17-0 E-Mail: [email protected] For inquiries regarding the content on this website, please contact any of the provided contacts. You may address your concerns in English or your respective native language. Represented by the Board of Management: Ola Källenius, Chairman; Jörg Burzer, Mathias Geisen, Renata Jungo Brüngger, Markus Schäfer, Britta Seeger, Oliver Thöne, Harald Wilhelm Chairman of the Supervisory Board: Martin Brudermüller Court of Registry: Stuttgart; commercial register no. 76 2873 VAT ID: DE321281763
Company Details
mercedes-benz_ag
35,360
2,246,561
3361
mercedes-benz.com
0
MER_1045021
In-progress
Between 800 and 849

Mercedes-Benz AG Global Score (TPRM)XXXX

Description: Owners of Mercedes-Benz vehicles have reported that the app they used to remotely find, unlock, and start their vehicles displayed information on other people's accounts and vehicles. Customers claimed that the Mercedes-Benz linked car app was accessing data from accounts other than their own and displaying names, recent activity, phone numbers, and other information for other car owners. The alleged security breach occurred late on Friday, and a few hours later the app was taken offline for site maintenance. The information shown was cached information; there was no real-time access to the account, no financial information could be viewed, and there was no way to interact with or locate the car connected to the account.


No incidents recorded for Mercedes-Benz AG in 2025.
No incidents recorded for Mercedes-Benz AG in 2025.
No incidents recorded for Mercedes-Benz AG in 2025.
Mercedes-Benz AG cyber incidents detection timeline including parent company and subsidiaries

"Love of invention will never end." - Carl Benz Learn more about us as we continue to pioneer the future of driving excellence. Data privacy: mb4.me/provider_privacy Mercedes-Benz AG Mercedesstraße 120 70372 Stuttgart Germany Phone: +49 7 11 17-0 E-Mail: [email protected] For inquiries regarding the content on this website, please contact any of the provided contacts. You may address your concerns in English or your respective native language. Represented by the Board of Management: Ola Källenius, Chairman; Jörg Burzer, Mathias Geisen, Renata Jungo Brüngger, Markus Schäfer, Britta Seeger, Oliver Thöne, Harald Wilhelm Chairman of the Supervisory Board: Martin Brudermüller Court of Registry: Stuttgart; commercial register no. 76 2873 VAT ID: DE321281763


A USD 19.4 billion multinational group based in Mumbai, India, Mahindra provides employment opportunities to over 256,000 people across 100 countries. Mahindra operates in the key industries that drive economic growth, enjoying a leadership position in tractors, utility vehicles, information technol
Pirelli was founded in Milan in 1872 and today stands as a global brand known for its cutting-edge technology, high-end production excellence and passion for innovation that draws heavily on its Italian roots. With 18 production plants in 12 countries and a commercial presence in over 160, Pirelli h

TVS Motor Company is a reputed two and three-wheeler manufacturer globally, championing progress through Mobility with a focus on sustainability. Rooted in our 100-year legacy of Trust, Value, and Passion for Customers and Exactness, we take pride in making internationally aspirational products of t

Adient (NYSE: ADNT) is a global leader in automotive seating. With 70,000+ employees in 29 countries, Adient operates more than 200 manufacturing/assembly plants worldwide. We produce and deliver automotive seating for all major OEMs. From complete seating systems to individual foam, trim and metal
At Cummins, we empower everyone to grow their careers through meaningful work, building inclusive and equitable teams, coaching, development and opportunities to make a difference. Across our entire organization, you'll find engineers, developers, and technicians who are innovating, designing, testi

MAHLE is a leading international development partner and supplier to the automotive industry with customers in both passenger car and commercial vehicle sectors. Founded in 1920, the technology group is working on the climate-neutral mobility of tomorrow, with a focus on the strategic areas of elect

In 1903, out of a small shed in Milwaukee, Wisconsin, four young men lit a cultural wildfire that would grow and spread across geographies and generations. Their innovation and imagination for what was possible on two wheels sparked a transportation revolution and lifestyle that would make Harley-Da

DENSO is one of the world's largest automotive suppliers with a 75-year history of providing advanced automotive systems and technology to automakers worldwide. While our products are featured on nearly every vehicle make and model on the road today, we're also looking to innovate beyond automotive

General Motors’ vision is to create a world with Zero Crashes, Zero Emissions and Zero Congestion, and we have committed ourselves to leading the way toward this future. Today, we are in the midst of a transportation revolution, and we have the ambition, the talent and the technology to realize the
.png)
After topping Sportico's list of highest-earning female athletes for the third straight year, Gauff has added another luxury brand to her...
A threat actor known as "zestix" has claimed responsibility for a significant data breach affecting Mercedes-Benz USA (MBUSA),...
The Mercedes-AMG PETRONAS F1 Team and George Kurtz, CEO and Founder of CrowdStrike, today announced that Kurtz has become a co-owner of the...
George Kurtz has become a minority owner of the Mercedes-AMG Formula 1 team, with the CrowdStrike co-founder and CEO personally purchasing a...
George Kurtz has brought Toto Wolff's 15% stake in Mercedes' Formula 1 team however the Austrian's role in the team will be unchanged.
Business innovator and 24 Hours of Le Mans winner invests in the future of the Mercedes-AMG PETRONAS F1 Team.
Mercedes Formula One Chief Executive Officer Toto Wolff is in talks to sell some of his stake in a deal that could value the team at a...
Mercedes-Benz enhances manufacturing efficiency and on-time delivery by integrating Celonis Process Intelligence across its global...
Despite market headwinds, Mercedes-Benz Group AG (MBGAF) focuses on innovation and shareholder returns with a new share buyback program and...

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Mercedes-Benz AG is http://www.mercedes-benz.com/.
According to Rankiteo, Mercedes-Benz AG’s AI-generated cybersecurity score is 802, reflecting their Good security posture.
According to Rankiteo, Mercedes-Benz AG currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Mercedes-Benz AG is not certified under SOC 2 Type 1.
According to Rankiteo, Mercedes-Benz AG does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Mercedes-Benz AG is not listed as GDPR compliant.
According to Rankiteo, Mercedes-Benz AG does not currently maintain PCI DSS compliance.
According to Rankiteo, Mercedes-Benz AG is not compliant with HIPAA regulations.
According to Rankiteo,Mercedes-Benz AG is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Mercedes-Benz AG operates primarily in the Motor Vehicle Manufacturing industry.
Mercedes-Benz AG employs approximately 35,360 people worldwide.
Mercedes-Benz AG presently has no subsidiaries across any sectors.
Mercedes-Benz AG’s official LinkedIn profile has approximately 2,246,561 followers.
Mercedes-Benz AG is classified under the NAICS code 3361, which corresponds to Motor Vehicle Manufacturing.
No, Mercedes-Benz AG does not have a profile on Crunchbase.
Yes, Mercedes-Benz AG maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/mercedes-benz_ag.
As of December 21, 2025, Rankiteo reports that Mercedes-Benz AG has experienced 1 cybersecurity incidents.
Mercedes-Benz AG has an estimated 12,716 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with app taken offline for site maintenance..
Title: Mercedes-Benz Linked Car App Data Breach
Description: Owners of Mercedes-Benz vehicles have reported that the app they used to remotely find, unlock, and start their vehicles displayed information on other people's accounts and vehicles.
Date Detected: Late on Friday
Type: Data Breach
Attack Vector: Application Vulnerability
Common Attack Types: The most common types of attacks the company has faced is Data Leak.

Data Compromised: Names, Recent activity, Phone numbers
Systems Affected: Mercedes-Benz Linked Car App
Downtime: App taken offline for site maintenance
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Recent Activity, Phone Numbers and .

Entity Name: Mercedes-Benz
Entity Type: Company
Industry: Automotive

Containment Measures: App taken offline for site maintenance

Type of Data Compromised: Names, Recent activity, Phone numbers
Personally Identifiable Information: NamesPhone Numbers
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by app taken offline for site maintenance.
Most Recent Incident Detected: The most recent incident detected was on Late on Friday.
Most Significant Data Compromised: The most significant data compromised in an incident were Names, Recent Activity, Phone Numbers and .
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was App taken offline for site maintenance.
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Recent Activity, Phone Numbers and Names.
.png)
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating the requesting user. Due to improper privilege handling and a time-of-check time-of-use race condition combined with symbolic link and mount point manipulation, a local authenticated attacker can coerce the service into deleting arbitrary directories with SYSTEM privileges. This can be exploited to delete protected system folders such as C:\\Config.msi and subsequently achieve execution as NT AUTHORITY\\SYSTEM via MSI rollback techniques.
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to unauthorized modification of data due to a missing capability check on the 'cs_update_application_status_callback' function in all versions up to, and including, 7.7. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject cross-site scripting into the 'status' parameter of applied jobs for any user.
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user.
The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `thegem_te_search` shortcode in all versions up to, and including, 1.32.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability requires TheGem theme (premium) to be installed with Header Builder mode enabled, and the FiboSearch "Replace search bars" option enabled for TheGem integration.
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajax_get_members function. This is due to the use of a predictable low-entropy token (5 hex characters derived from md5 of post ID) to identify member directories and insufficient authorization checks on the unauthenticated AJAX endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, display names, user roles (including administrator accounts), profile URLs, and user IDs by enumerating predictable directory_id values or brute-forcing the small 16^5 token space.

Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.