Volkswagen, location data of 800,000 electric vehicles leaked

According to a report in a German news magazine, a data breach has left the location information of about 800,000 Volkswagen electric vehicles available online for several months. mirror. The leak reportedly originated from software running inside Volkswagen vehicles and may have allowed malicious actors to track the driver’s exact movements. Electrec.

Notify the informant first mirror The Chaos Computer Club, a European hacking association, also discovered the vulnerability. The vulnerability also affects EVs from Volkswagen-owned car brands globally, including Audi, Seat and Skoda.

mirror We discovered that Volkswagen’s software subsidiary Cariad allowed attackers to find and access driver data stored on Amazon’s cloud storage service. The data, which “could be linked to the driver’s name and contact information,” reportedly included emails, phone numbers and, in some cases, the driver’s address, along with details about when the EV was turned on and off.

This included the “exact” locations of approximately 460,000 vehicles. mirror The data showed accuracy to “within 10 centimeters” for Volkswagen and Setz vehicles and within 10 kilometers (~6 miles) for Audi and Skoda models, it said.

Cariad later addressed the issue, saying: mirror Customers “do not need to take any action as sensitive information such as passwords or payment details will not be affected.” The Verge We contacted Cariad and Volkswagen for comment but did not immediately hear back.