All activities shared by users through the app were collected and processed, recording habits, places visited, parking locations, and more, and were stored on the insecure system managed by Cariad, Volkswagen Group’s software development subsidiary. The exact location—accurate to just a few centimeters—and daily routine of around 466,000 customers, including politicians, Hamburg police’s 35 electric patrol vehicles, entrepreneurs, and people in Ukraine and Israel were among the population exposed. The incident was revealed after an unnamed whistleblower reported it to the magazine and the Hamburg-based hackers’ organization Chaos Computer Club (CCC). Currently, there is no evidence of malicious actors taking advantage of the security failure. Volkswagen has taken quick action, and the information is now safe. The data breach has been described as “embarrassing” for Volkswagen, Cariad, and the developers working for the companies by the magazine and the people affected, weakening the trust in the German automaker. However, Cariad and Volkswagen acted fast and responsibly after CCC reached out to let them know about the breach. The EV industry has been facing challenges globally. Hertz is selling EVs to customers at a discounted price, and General Motors recently shut down its Cruise robotaxi program.
