
Škoda warns of customer data breach after online shop hack

Why This Matters

The Škoda data breach highlights the ongoing cybersecurity risks faced by even well-established companies, emphasizing the importance of robust security measures for protecting customer data in digital commerce. This incident serves as a reminder for consumers and businesses alike to prioritize cybersecurity to prevent unauthorized access and data theft.

Key Takeaways

Škoda Auto, a wholly owned subsidiary of the Volkswagen Group, has disclosed a data breach after attackers hacked its online shop and stole the personal information of an undisclosed number of customers.

The 130-year-old Czech car maker has over 34,000 employees and reported sales of more than €27 billion and a profit of nearly €2 billion in 2025, having delivered over 1 million cars to customers.

As Škoda revealed, threat actors gained access by exploiting an unspecified vulnerability in the software of its e-commerce portal. After detecting the breach, the company reported the incident to the relevant authorities and has fixed the security flaw exploited in the attack.

"As part of our technical security monitoring, we discovered that unauthorized individuals had exploited a vulnerability in the standard software used for our online store. This allowed them to temporarily gain unauthorized access to the store system," Škoda said. "The vulnerability has since been resolved, and the incident has been handed over to a specialized IT forensics team for technical analysis. Additionally, the incident was reported to the relevant data protection supervisory authority."

The customer information accessed by the threat actors includes a combination of names, addresses, contact information (such as email addresses), phone numbers, order information, and login credentials (including the email address and a cryptographic hash of the password).

However, according to Škoda, the attackers were unable to access affected customers' financial information because it was not stored on the compromised systems.

"Full credit card details are not stored in the shop system but are processed exclusively by the respective payment service providers. Based on current information, direct access to full credit card details was not possible," the company added.

Additionally, while it said it has no evidence that the access data has been misused, Škoda warned affected individuals that phishing attacks might target them and that threat actors may try to log in to their other online accounts if they reused the same credentials.

"In the coming weeks, please be extra vigilant regarding emails, text messages, or phone calls that refer to your relationship with Škoda or to orders placed in the online store, especially if you are asked to enter login credentials, disclose confidential information, or click on links," Škoda added. "It is also advisable to check your bank statements and credit card bills as usual and to immediately notify your bank or the relevant payment service provider if you notice anything unusual."

A Škoda spokesperson was not immediately available for comment when BleepingComputer reached out for more information on the breach, including the total number of affected customers and whether the company had been in contact with the attackers about paying a ransom.
