Peruzzi Buick GMC Data Breach Exposes SSNs and Driver's Licenses

Peruzzi Buick GMC Inc, a Buick and GMC dealership located in Fairless Hills, Pennsylvania, disclosed a data breach incident that began in early 2025.

The breach was disclosed to the attorneys general offices of Massachusetts and to the Vermont.

On or about Feb. 27, 2025, Peruzzi Buick experienced unauthorized access to its computer network. The incident has been identified as a ransomware attack carried out by a threat actor known as Qilin.

On March 4, 2025, just days after the initial intrusion, the Qilin ransomware group posted on the Tor network. The group stated it had obtained 60 GB of the dealership's data and provided sample screenshots on its portal as apparent proof. The group also indicated that all of the stolen information would be made available for download on March 11, 2025.

An investigation into the breach determined on June 22, 2026, more than 15 months after the initial unauthorized access, that the impacted files contained personal information.

The breach exposed both personally identifiable information and protected health information including full names, Social Security numbers, driver's licenses and health records.

Peruzzi Buick's response to the breach

Peruzzi Buick is offering affected individuals a complimentary membership to Experian IdentityWorks. Instructions for activating the membership were included in the notification letters mailed to affected individuals.

The company's notification also included references to identity theft prevention resources from the Federal Trade Commission.