Volkswagen car-location data-exposure incident: Difference between revisions

← Older edit Newer edit →

VisualWikitext

@@ Line 15: / Line 15: @@
 == The Incident ==
+[[File:Volkswagen.png|alt=Pie Chart showing the total cars affected including the severity of each(whether its location was exposed down to a radius of 10cm or 10km) and breakdown by brand|thumb|Pie Chart showing the total cars affected and breakdown by brand]]
-The core issue stemmed from a misconfiguration in Volkswagen's AWS storage implementation, which left customer data publicly accessible without proper authentication or access restrictions<ref name=":0" />. This exposed sensitive information about vehicle locations and customer identities.
+The core issue stemmed from a misconfiguration in Volkswagen's AWS storage implementation, which left customer data publicly accessible without proper authentication or access restrictions<ref name=":0" />. This exposed sensitive information about vehicle locations, EV battery statistics and sensitive customer information.  The incident not only breaches customer trust, but Volkswagen's own Terms of Service.
 == Industry Context ==
@@ Line 29: / Line 29: @@
 This incident demonstrates the broader challenges facing the automotive industry regarding data security and privacy. It has been documented that automotive manufacturers regularly collect various types of vehicle data<ref name=":1" />, including:
 * Location information
 * Driving patterns
@@ Line 61: / Line 59: @@
 [[Category:AWS security incidents]]
 <!-- [[Category:2024 in automotive industry]] -->
+. [https://www.spiegel.de/netzwelt/web/volkswagen-konzern-datenleck-wir-wissen-wo-dein-auto-steht-a-e12d33d0-97bc-493c-96d1-aa5892861027 For the link to the news source which was tipped off by a German hacktivist group]
+. [https://www.youtube.com/watch?v=Agcp37iiWLc&t=188s Youtube video with mentioned credits for more information]
 [[Category:Vehicle privacy incidents]]
 [[Category:Right to repair]]
 [[Category:CARIAD]]
 [[Category:Incidents]]