In 2023, a study by the Mozilla Foundation found that many car manufacturers collect more data than necessary, and sometimes even resell it. Now, it has emerged that data from nearly a million VW Group vehicles has been compromised.

GPS data from a large number of EVs was left unprotected and publicly available for months, allowing unauthorized parties to create detailed profiles of the vehicles’ users. According to Reuters, the vehicle data could reveal the names and contact details of drivers, owners and locations for nearly 500,000 vehicles. Among the owners of these cars are a large number of people from politics and business, as well as people from professional groups dealing with security (police officers).

The problem was discovered by the Chaos Computer Club (CCC), which informed VW, and the company quickly reacted and fixed the problem. However, given the length of the problem, it is not excluded that some of the data ended up with third parties. VW said the data is used to improve batteries and software, and is not used to create profiles about individuals or vehicle movements. Still, this incident should force EV manufacturers to do a better job of protecting vehicle data.

Source: Reuters