For months, location information for some 800,000 Volkswagen electric vehicles was available online due to a data breach, according to a report from the german news magazine the mirror. The leak was reportedly due to software running inside Volkswagen vehicles and could have allowed a bad actor to track a driver's exact movements. as he pointed out electrek.
A whistleblower notified for the first time the mirror and the European hacking association Chaos Computer Club of the vulnerability, which also affects electric vehicles from Volkswagen-owned car brands globally, including Audi, Seat and Skoda.
the mirror discovered that Cariad, the Volkswagen subsidiary behind the automaker's software, made it possible for an attacker to find and access driver data hosted on amazon's cloud storage service. The data, which “could be linked to drivers' names and contact details,” allegedly included details about when the electric vehicles were turned on and off, along with drivers' emails, phone numbers and addresses in some cases. .
It included the “precise” locations of some 460,000 vehicles, as well as the mirror It says the data was “accurate to within ten centimeters” for Volkswagen and Seats vehicles, and within 10 km (~6 miles) for Audi and Skoda models.
Cariad has since addressed the issue, saying the mirror Customers “have no need to take any action as no sensitive information such as passwords or payment details are affected.” The edge He contacted Cariad and Volkswagen for comment but did not immediately receive a response.
