It’s common for modern people to worry about hackers stealing their personal data, but sometimes the most serious incidents are caused not by cybercriminals, but by companies we trust. This time it was the Volkswagen Group that was at fault, which did not provide sufficient protection for customer information.

Image source: vw.com

VW Group stored confidential data related to 800 thousand electric vehicles in the Amazon cloud without providing them with sufficient protection; the information remained vulnerable for several months. Electric vehicles from VW, Audi, Seat and Skoda brands around the world were affected; The vulnerability affected geodata, battery charge information, and key information about the status of the machine, including whether it was working or not. With sufficient technical expertise, a hypothetical attacker could access additional data in VW Group’s online services and link it to the owner’s personal information. In 466,000 of the 800,000 cases, the location data was so precise that it was possible to create a detailed profile of each owner’s daily habits.

The data of not only ordinary citizens was under attack, but also officials: German politicians, entrepreneurs, Hamburg police officers and even, probably, the intelligence service. The vulnerability arose in the summer of 2024, when Cariad, the company responsible for VW Group software products, made an error. It was discovered by an anonymous expert who confirmed the vulnerability and notified Europe’s largest hacker association, Chaos Computer Club (CCC), about the incident. The organization immediately notified the data protection commissioner in Lower Saxony, the Ministry of Internal Affairs and other security authorities – the departments gave VW Group and Cariad 30 days to fix the problem, after which they promised to make information about it public. Cariad “responded quickly, thoroughly and responsibly” by blocking unauthorized access to customer data, CCC said.

Cariad subsequently assured customers that sensitive information, including passwords and payment details, had not been compromised and therefore no action was required on their part. German politicians were extremely concerned about the incident and called on automakers to strengthen cybersecurity measures.

admin

Share
Published by
admin

Recent Posts

A number of countries are testing the abandonment of paper passports in favor of a digital ID on a smartphone

In the coming years, traditional paper passports may become a relic of the past. They…

11 hours ago

A pair of grapes doubled the magnetic field, paving the way for better quantum sensors

The Internet is full of videos of grapes literally lighting up in the microwave. When…

17 hours ago

Chinese hackers hacked nine US telecommunications companies

The ninth telecommunications company in the United States has had its resources attacked as part…

17 hours ago

Toxic and hazardous chemicals were found in the straps of popular smartwatches

Smartwatch and fitness tracker straps from popular brands contain high concentrations of toxic chemicals also…

18 hours ago