Volkswagen's Data Breach: CCC Exposes Millions of Vehicle Location Data Stored Unencrypted
2025-01-02
The Chaos Computer Club (CCC) revealed that the Volkswagen Group systematically collected and stored movement data from hundreds of thousands of VW, Audi, Skoda, and Seat vehicles for extended periods. This data, including driver information, was left unprotected and accessible on the internet. The breach affected private vehicles, corporate fleets, and even government agencies, including sensitive data from the German Federal Intelligence Service and a US Air Force base. The CCC highlighted that the data collection and long-term storage were problematic, exacerbated by poor security. The findings were published in Der Spiegel and will be detailed at the 38th Chaos Communication Congress (38C3) in Hamburg.