Volkswagen Data Leak Exposed Locations of 800,000 Electric Vehicles

A misconfigured cloud storage system left precise location and personal data accessible online for months, affecting global EV owners.

The data leak impacted 800,000 electric vehicles from Volkswagen, Audi, Seat, and Skoda, with 460,000 vehicles revealing precise location data.
The exposed data included geolocation, contact details, and movement patterns, stored unencrypted on Amazon cloud servers by Volkswagen subsidiary Cariad.
The vulnerability, discovered by a whistleblower and verified by the Chaos Computer Club, was active for months before being patched in late November 2024.
Volkswagen claims that accessing the data required advanced expertise, but security researchers reported it was relatively easy to exploit.
No evidence has been found of malicious use of the leaked data, but the incident raises concerns about automakers' data security practices.