Volkswagen Faces Data Breach Affecting Over 800,000 Car Owners

German automaker Volkswagen is under scrutiny after a significant data breach involving the information of 800,000 electric vehicle owners.

The company reportedly mishandled data storage on Amazon's cloud infrastructure, leaving sensitive information exposed for months. The breach impacted owners of Volkswagen, Audi, Seat, and Skoda electric vehicles worldwide. The leaked data included geolocation, battery status, and vehicle operation details. Alarmingly, in 466,000 cases, the geolocation data was precise enough to create detailed profiles of owners' daily activities.

The breach affected not only regular users but also public figures, including politicians, business leaders, law enforcement personnel, and potentially intelligence officials. The issue arose in summer 2024 due to an error by Cariad, VW Group’s software subsidiary.

The vulnerability was discovered by an independent expert who alerted the Chaos Computer Club (CCC), which promptly informed regulatory authorities, including the Data Protection Commissioner of Lower Saxony and the Ministry of the Interior. VW Group was given 30 days to address the issue before being required to disclose the breach.

Cariad acted swiftly to fix the problem, blocking access to customer data. The company assured that no critical information, such as passwords or payment details, was compromised. However, the incident has raised concerns among German politicians, who are now calling for stronger cybersecurity measures for automakers.