On December 25, whereas a lot of the world was observing Christmas, the Everest ransomware group revealed a brand new submit on its darkish net leak website claiming it had breached Chrysler methods, an American automaker. The group says it exfiltrated 1088 GB (over 1 TB) of knowledge, describing it as a full database linked to Chrysler operations.
In line with the menace actors, the stolen information spans from 2021 via 2025 and consists of greater than 105 GB of Salesforce associated info. Everest claims the information incorporates in depth private and operational information tied to clients, sellers, and inner brokers.
Leaked Screenshots and Pattern Information Particulars
Screenshots shared by the group and reviewed for this report seem to indicate structured databases, inner spreadsheets, listing bushes, and CRM exports. A number of photos show Salesforce information containing buyer interplay logs with names, cellphone numbers, e mail addresses, bodily addresses, automobile particulars, recall case notes, and name outcomes similar to voicemail, disconnected, unsuitable quantity, or callback scheduled.
The identical materials additionally consists of agent work logs documenting name makes an attempt, recall coordination steps, appointment dealing with, and automobile standing updates, similar to bought, repaired, or proprietor not discovered.
Further screenshots seem to reference inner file servers and directories labelled with supplier networks, automotive manufacturers, recall applications, FTP paths, and inner tooling. One set of photos additionally suggests the presence of HR or identity-related information, itemizing worker names, employment standing fields similar to energetic or completely separated, timestamps, and company e mail domains related to Stellantis.
On your info, Stellantis is a world automaker behind manufacturers similar to Jeep, Chrysler, Dodge, and FIAT. The automaker was additionally a sufferer of a cyber assault in September 2025.
Samples revealed by the attackers additionally embody recall case narratives documenting buyer conversations, interpreter use, dealership coordination, appointment scheduling, and follow-up actions. These information align with normal automotive recall assist and customer support processes and are according to the CRM information proven in different samples.
The group has threatened to publish the total dataset as soon as its countdown timer expires, stating that the corporate nonetheless has time to make contact. Everest additionally introduced plans to launch audio recordings linked to customer support interactions, additional escalating the stress.
Unconfirmed Pending Chrysler Response
Ransomware teams more and more time disclosures round holidays, when incident response capability is usually diminished. On the time of writing, Chrysler has not publicly confirmed the breach or commented on the claims, and impartial verification stays restricted.
If validated, the alleged publicity would elevate important issues relating to buyer privateness, inner operational safety, and third-party platform governance, given the reported scale and sensitivity of the CRM and recall administration information concerned.
This story is creating.
