Anyone else get this info hack email from FCA?

[JD Martin]

I'm trying to decide if this e-mail is real or a scam. It looks pretty genuine but I find it suspicious there's only a phone number and no website explanation of the issue. Figure I'd check here to see if anyone else got this. Wouldn't FCA be "USA", not "US"? :



Dear Customer,

We are writing to inform you of a recent cybersecurity incident at FCA US LLC that may have involved your personal contact information. You may know us better through our brands, which include Jeep, Chrysler, Dodge, Ram, and Alfa Romeo.

On August 8, 2025, we became aware of unauthorized access to one of our third‑party service providers’ platforms, which we use to manage customer service interactions related to vehicle issues and inquiries. Our investigation identified August 7, 2025, as the earliest date of unauthorized access to the platform. The incident resulted in acquisition of certain customer contact information, but the information is limited to your name along with one or more of the following: phone number, email address(es) associated with your account, and/or address.

What We Are Doing

• We immediately launched an investigation with the support of cybersecurity experts.
• We have taken steps to secure the affected platform and are working closely with the service provider to ensure enhanced security measures are in place.
• We are notifying the appropriate authorities.

What You Can Do

We recommend the following precautions to help protect yourself:

• Be Skeptical of Unsolicited Requests: Be wary of any unexpected emails, text messages, or phone calls asking for personal information, login credentials, or financial details. Be extra cautious of any message that expresses a sense of urgency, such as asking you to act right away.
• Verify the Sender: Always check the sender's email address. Look for any inconsistencies or misspellings in the domain name.
• Do Not Click Suspicious Links: Avoid clicking on links or downloading attachments from emails that seem unusual or are from an unknown sender.

For more resources and information on how to protect yourself, please visit the Federal Trade Commission’s website.

Need Assistance?

We are committed to supporting you through this process. If you need assistance, we have established a dedicated phone number specifically for this matter.

Please contact our dedicated support team at 1‑833‑833‑9981 with any questions.

Protecting your information is important to us. We appreciate your patience and understanding.

Sincerely,

FCA US LLC




FAQs

1. Why did I receive this letter?

You received this letter because your name, email address, and/or home address was obtained without authorization during a cyberattack on a third‑party platform we use for customer service management. No sensitive information was involved in the incident. We are notifying you out of an abundance of caution.

2. What information was involved?

Based on our investigation, the information includes your full name and one or more of the following contact details:

‑	Email address and/or
‑	Phone number and/or
‑	Address

No financial information, passwords, or government-issued ID numbers were involved.

3. Was my credit card or banking information compromised?

No. We do not store financial information on the affected platform.

4. What are you doing to fix this?

We have:

‑	Secured the affected platform
‑	Engaged cybersecurity experts to investigate
‑	Notified appropriate authorities
‑	Implemented additional safeguards to prevent future incidents

5. What should I do now?

We recommend:

‑	Being cautious of suspicious emails or messages
‑	Not clicking on links or downloading attachments from unknown sources
‑	Monitoring your email account for unusual activity
‑	Enabling multi‑factor authentication on your email if available

6. What is “phishing?”

Phishing occurs when bad actors use your contact information to send phishing emails. These emails may appear to come from legitimate sources and attempt to trick you into providing sensitive information.

Common Types of Phishing Attacks

‑	Email Phishing Attacks - Email phishing is the most prevalent type, wherein cybercriminals send out mass emails impersonating reputable organizations. These emails contain carefully crafted messages designed to provoke immediate action from recipients.
‑	Spear Phishing Attacks - These types of attacks target specific individuals or groups rather than mass audiences. Hackers conduct extensive research to personalize messages, making these attacks much harder to detect.
‑	Smishing (SMS Phishing) Attacks - Phishing carried out through text messages (SMS) are called smishing. Cybercriminals send text messages claiming to be from trusted companies or institutions, urging immediate action to resolve an issue like account suspension or unauthorized transactions.
‑	Vishing (Voice Phishing) Attacks - Voice phishing, known as vishing, involves attackers making fraudulent phone calls. Cybercriminals impersonate bank representatives, customer support agents, or government officials to gain trust.
‑	Clone Phishing Attacks - Clone phishing attacks duplicate previously delivered legitimate emails with slight alterations. Attackers replace links and attachments with malicious versions, then resend the cloned email, claiming it’s an updated or corrected version.

7. How can I tell if an email is a phishing attempt?

Watch for:

‑	Urgent or threatening language asking you to take action quickly
‑	Misspellings or grammatical errors
‑	Requests for personal or financial information
‑	Suspicious links or attachments

If you're unsure, do not click anything and contact our dedicated support team at 1‑833‑833‑9981.

8. Will you offer credit monitoring or identity theft protection?

We are not offering credit monitoring. We can help you identify and prevent a phishing attack if your contact information was impacted, which may lead to a phishing attack.

9. Who can I contact for more information?

You can reach our dedicated support team at 1‑833‑833‑9981. Our dedicated call center will be live for 90 days.


We’re here to help and answer any questions you may have, and we are committed to providing a response as quickly as possible.

 

[Curmudgeon]

No. FCA US LLC is legit...

https://www.google.com/search?client=firefox-b-1-d&q=fca+us+llc

 

[Mlarv5]

The (833) area code tells me it's a scam. The next thing is if you put the number into MR Google it comes up as most likely a spam call.

 

[1999 White C5 Coupe]

I'm trying to decide if this e-mail is real or a scam. It looks pretty genuine but I find it suspicious there's only a phone number and no website explanation of the issue. Figure I'd check here to see if anyone else got this. Wouldn't FCA be "USA", not "US"? :



Dear Customer,

We are writing to inform you of a recent cybersecurity incident at FCA US LLC that may have involved your personal contact information. You may know us better through our brands, which include Jeep, Chrysler, Dodge, Ram, and Alfa Romeo.

On August 8, 2025, we became aware of unauthorized access to one of our third‑party service providers’ platforms, which we use to manage customer service interactions related to vehicle issues and inquiries. Our investigation identified August 7, 2025, as the earliest date of unauthorized access to the platform. The incident resulted in acquisition of certain customer contact information, but the information is limited to your name along with one or more of the following: phone number, email address(es) associated with your account, and/or address.

What We Are Doing

• We immediately launched an investigation with the support of cybersecurity experts.
• We have taken steps to secure the affected platform and are working closely with the service provider to ensure enhanced security measures are in place.
• We are notifying the appropriate authorities.

What You Can Do

We recommend the following precautions to help protect yourself:

• Be Skeptical of Unsolicited Requests: Be wary of any unexpected emails, text messages, or phone calls asking for personal information, login credentials, or financial details. Be extra cautious of any message that expresses a sense of urgency, such as asking you to act right away.
• Verify the Sender: Always check the sender's email address. Look for any inconsistencies or misspellings in the domain name.
• Do Not Click Suspicious Links: Avoid clicking on links or downloading attachments from emails that seem unusual or are from an unknown sender.

For more resources and information on how to protect yourself, please visit the Federal Trade Commission’s website.

Need Assistance?

We are committed to supporting you through this process. If you need assistance, we have established a dedicated phone number specifically for this matter.

Please contact our dedicated support team at 1‑833‑833‑9981 with any questions.

Protecting your information is important to us. We appreciate your patience and understanding.

Sincerely,

FCA US LLC




FAQs

1. Why did I receive this letter?

You received this letter because your name, email address, and/or home address was obtained without authorization during a cyberattack on a third‑party platform we use for customer service management. No sensitive information was involved in the incident. We are notifying you out of an abundance of caution.

2. What information was involved?

Based on our investigation, the information includes your full name and one or more of the following contact details:

‑	Email address and/or
‑	Phone number and/or
‑	Address

No financial information, passwords, or government-issued ID numbers were involved.

3. Was my credit card or banking information compromised?

No. We do not store financial information on the affected platform.

4. What are you doing to fix this?

We have:

‑	Secured the affected platform
‑	Engaged cybersecurity experts to investigate
‑	Notified appropriate authorities
‑	Implemented additional safeguards to prevent future incidents

5. What should I do now?

We recommend:

‑	Being cautious of suspicious emails or messages
‑	Not clicking on links or downloading attachments from unknown sources
‑	Monitoring your email account for unusual activity
‑	Enabling multi‑factor authentication on your email if available

6. What is “phishing?”

Phishing occurs when bad actors use your contact information to send phishing emails. These emails may appear to come from legitimate sources and attempt to trick you into providing sensitive information.

Common Types of Phishing Attacks

‑	Email Phishing Attacks - Email phishing is the most prevalent type, wherein cybercriminals send out mass emails impersonating reputable organizations. These emails contain carefully crafted messages designed to provoke immediate action from recipients.
‑	Spear Phishing Attacks - These types of attacks target specific individuals or groups rather than mass audiences. Hackers conduct extensive research to personalize messages, making these attacks much harder to detect.
‑	Smishing (SMS Phishing) Attacks - Phishing carried out through text messages (SMS) are called smishing. Cybercriminals send text messages claiming to be from trusted companies or institutions, urging immediate action to resolve an issue like account suspension or unauthorized transactions.
‑	Vishing (Voice Phishing) Attacks - Voice phishing, known as vishing, involves attackers making fraudulent phone calls. Cybercriminals impersonate bank representatives, customer support agents, or government officials to gain trust.
‑	Clone Phishing Attacks - Clone phishing attacks duplicate previously delivered legitimate emails with slight alterations. Attackers replace links and attachments with malicious versions, then resend the cloned email, claiming it’s an updated or corrected version.

7. How can I tell if an email is a phishing attempt?

Watch for:

‑	Urgent or threatening language asking you to take action quickly
‑	Misspellings or grammatical errors
‑	Requests for personal or financial information
‑	Suspicious links or attachments

If you're unsure, do not click anything and contact our dedicated support team at 1‑833‑833‑9981.

8. Will you offer credit monitoring or identity theft protection?

We are not offering credit monitoring. We can help you identify and prevent a phishing attack if your contact information was impacted, which may lead to a phishing attack.

9. Who can I contact for more information?

You can reach our dedicated support team at 1‑833‑833‑9981. Our dedicated call center will be live for 90 days.


We’re here to help and answer any questions you may have, and we are committed to providing a response as quickly as possible.

If the issue is legitimate, you will receive a letter via the USPS explaining the issue.

I suspect your email is fraudulent and the phone number listed will be used to gather personal information from anyone that calls.

 

[jawzs2]

The (833) area code tells me it's a scam. The next thing is if you put the number into MR Google it comes up as most likely a spam call.

^^^^ this ^^^^

 

[Randy Grant]

An email about an FCA hack is almost certainly a scam. Fraudsters frequently impersonate the UK's Financial Conduct Authority (FCA) by using fake or "cloned" email addresses and official-looking logos to trick people into giving up personal information or money. The real FCA has issued multiple warnings about these types of scams.
Red flags of a scam FCA email

• Request for personal information or money: The genuine FCA will never ask you to transfer money, provide sensitive bank details, or share personal information like PINs and passwords.
• Offers to recover lost funds: Scammers often target previous scam victims by pretending the FCA can help recover money that was lost. The FCA does not offer money recovery services.
• Urgency and fear tactics: Scam emails often create a sense of panic to pressure you into acting quickly without thinking. For example, they may claim you owe money or that your account is compromised.
• Generic or poor-quality writing: While scammers are getting more sophisticated, many phishing emails still contain poor grammar, misspellings, and awkward phrasing.
• Incorrect sender's address: Official FCA emails come from addresses ending in @fca.org.uk or @fcanewsletters.org.uk. Scammers often use slightly altered addresses, such as @fca-eu.com or @mail-fca.org, or use generic accounts like @gmail.com.

What to do if you receive a fake FCA email

1. Do not respond or click any links: Delete the email immediately. Clicking links or replying to the scammer validates your email address and can lead to more scam attempts.
2. Report the communication:
   • In the UK: Report the scam to Action Fraud on their website or by calling 0300 123 2040.
   • In Scotland: Report to Police Scotland by calling 101.
   • To the FCA: You can report a suspected fake FCA email directly to the authority by forwarding it to [email protected].
3. Verify directly with the FCA: If you are unsure about a communication, use the official FCA contact details on their website (fca.org.uk) to verify its legitimacy. Do not use any contact information provided in the suspicious email.

 

[BossHogg]

I get these types of emails regularly. Make sure your email client displays the sender's email address. You can usually tell if an email is legit from the sender's email address.

I get them for vehicle brands I've never owned, or for banks I've never had an account with. The good news is that my email client (Thunderbird) is a pro at identifying spam, so I usually don't see them.

 

[MADDOG]

Another suggestion, in addition to deleting the email, is to block the sender.

 

[RWlRAM]

Typical boiler plate legalese from corps that have been cyber hacked.
As was mentioned, you should get an official letter repeating this same info.

I've received a couple of these over the years with offers of free ID monitoring.
Since it's not costing me anything I sign up.
Never had to use it, but I'm covered.

 

[Marshall]

Anything like this ,I will hit the delate button.
If you want to check, look up the correct number from a proper web site, and ask them.
I get a few from my fake phone company, email address don't look correct.
I will phone my service provider with their phone number that is always on the bill if it looks real strange and tell them about it.

 

[Rob2gen]

Google AI says the toll free number...

The phone number 1-833-833-9981 is a generic toll-free number and is not definitively associated with any specific company or service in the provided search results. The 833 area code is a legitimate toll-free prefix used by many businesses, but it can also be easily registered and used by scammers.

 

[Docwagon1776]

I doubt it's a scam. It's just a generic boilerplate sent out because of this:

Stellantis Media - Third-Party Platform Data Incident

Stellantis detects unauthorized access to a third-party service provider’s platform that supports North American customer service operations. The company immediately activated its incident response protocols and initiated a comprehensive investigation.

media.stellantisnorthamerica.com

And FCA has set up temporary 833 numbers before, such as these recalls:

Stellantis Media - Statement: Urgent Need for Service; Call 833-585-0144

FCA US LLC urges owners or custodians of certain older-model Dodge and Chrysler vehicles with unaddressed Takata driver-side air-bag recalls, to immediately stop driving them and contact the Company to obtain the required repair – free of charge.

media.stellantisnorthamerica.com

Stellantis Media - Stop-drive: Urgent Need for Service – Call 833-585-0144

FCA US LLC urges owners or custodians of recalled, yet unrepaired model-year 2003 “Dodge Ram” pickups – of which there are an estimated 29,000 still on U.S. roads – to immediately stop driving those vehicles and contact a dealer or the company to determine their recall status.

media.stellantisnorthamerica.com

There's no hallmarks of a scam, it's just a legal CYA email.