Oops: Location data for 800,000 electric cars leaked

For several months, the software company Cariad allegedly left exposed the location data of some 800,000 of the Volkswagen Group's electric cars in Europe. The news is reported by Germany's Der Spiegel, which learned of the security breach from an anonymous source.

In order to verify its credibility, Der Spiegel collaborated with a group of hackers who managed to trace the car journeys of a member of the German Defence Committee, who went to his father's retirement home and then to the barracks where he works, and of a mayor, who went from the town hall to his physiotherapist's surgery.

What the hackers did

The publication also claims to have found several terabytes of data accessible in Amazon's cloud storage, including the precise location of 460,000 electric vehicles (made by Volkswagen, Audi, SEAT and Skoda) that could allow conclusions to be drawn about the private lives of their owners.

Information was found on 35 electric cars in the fleet of the Hamburg police, other politicians, entrepreneurs, federal employees and drivers at the Ramstein air base of the US Air Force.

The group of hackers, known as the Chaos Computer Club, informed Cariad of the vulnerability, who quickly corrected the problem.

What happened next

Cariad told Der Spiegel that it was a "misconfiguration" and that the company did not combine data to profile an individual.

According to the company, the researchers had to combine multiple data sets "bypassing multiple security mechanisms" and also said that they did not know if anyone other than it had access to the data.

More from the tech sector:

Why are we talking about Tesla's phantom phone again?

BYD is looking for engineers to build humanoid robots

Tesla's robotaxi will be driven by real people... remotely

Stealing a Mercedes will be more difficult from now on

We want your opinion!

What would you like to see on Motor1.com?

Take our 3 minute survey.

- The Motor1.com Team