Huge Volkswagen data leak exposed the locations of 460,000 EV drivers

A Volkswagen software subsidiary called Cariad experienced a massive data leak that left 800,000 EV owners exposed, according to reporting by the German publication Spiegel Netzwelt. The leak allowed personal information to be left online for months, including movement data and contact information.

This included precise location data for 460,000 vehicles made by VW, Seat and Audi. According to reports, the information was accessible via the Amazon cloud storage platform. There’s a silver lining here. Cariad says that, despite being available, no bad actors accessed the exposed data. The good-faith hacking association Chaos Computer Club (CCC) spotted the leak on November 26 and brought it to the company’s attention.

VW said in a statement reviewed by the German press agency DPA that the error has since been rectified, so that the information is no longer accessible. Additionally, the company noted that the leak only pertained to location and contact info, as passwords and payment data weren’t impacted. It added that only select vehicles registered for online services were initially at risk, stating that "the data was accessed in a very complex, multi-stage process."

According to Volkswagen, the CCC hackers group was only able to access pseudonymized vehicle data that didn’t allow for any conclusions to be reached regarding specific customers. This was done “only by bypassing several security mechanisms, which required a high level of expertise and a considerable investment of time.”

In other words, the impacted customers shouldn’t be too worried about their location data being harvested by dark web ne'er-do-wells. The company has started an investigation into the matter and will make a decision regarding further steps when that is concluded.

As modern vehicles get more and more online, it opens them up to a myriad of new risks. It was just last year when a viral TikTok challenge taught Hyundai users how to hack their vehicles, resulting in more than a dozen crashes and eight deaths.

This article originally appeared on Engadget at https://www.engadget.com/transportation/evs/huge-volkswagen-data-leak-exposed-the-locations-of-460000-ev-drivers-194000006.html?src=rss https://www.engadget.com/transportation/evs/huge-volkswagen-data-leak-exposed-the-locations-of-460000-ev-drivers-194000006.html?src=rss