Data from 800,000 of the Volkswagen Group's electric cars has been leaked. Of these, at least 35,000 are driving around Denmark.
A data leak from the Volkswagen Group has affected 800,000 electric cars, including 35,000 in Denmark.
The leak comes from Volkswagen's software company Cariad, which made a software bug in electric cars from Volkswagen, Audi, Skoda and Cupra. The bug has made it possible to access user data from car owners in Amazon's online data warehouse.
According to the German media Der Spiegel, unauthorized parties have been able to access the data for months. Among those affected are politicians, entrepreneurs, the Hamburg police and employees of the intelligence service.
The data that has been available includes:
- Places where cars are parked
- Battery charge level
- Control status
- Information about when the engine was on and off
For about half of the 800,000 affected car owners, the data is extra detailed. In some cases, personal data including email addresses, addresses and phone numbers has also been leaked.
In addition, the precise positions of around 450,000 electric cars have been leaked, potentially allowing the movement of car owners to be mapped.
Most of the leaked data is believed to date back to 2024, but for some users the leak dates back further. It is currently unknown whether anyone other than an anonymous whistleblower who reported the leak to the Chaos Computer Club (CCC) had access to the information.
Volkswagen states that car owners need not worry, as no sensitive information such as passwords or payment data has been leaked.
"There is no need for action for customers because no sensitive information such as passwords or payment data is affected," VW told Der Spiegel.
The leak has affected vehicles from the Volkswagen Group worldwide, including Denmark. German politician Nadja Weippert, who is among those affected, is deeply concerned about the leak.
– I am shocked. It cannot be that my data is stored unencrypted in the Amazon cloud and not even adequately protected. I expect VW to stop this, collect less data in general and definitely anonymize it.”
The leak raises questions about data security at Volkswagen and highlights the importance of protecting sensitive information, including data linked to license plates.
