Data Breech VW UK.................

[CALIFORNIA-VW53DUB]

This just cropped up in my mail box, so no doubt will also effect numerous people on the forum?
Just a heads up and to be vigilant of any suspicious emails you may get as a result?

Informing you of a data security incident​ We are writing on behalf of all the brands operated by Volkswagen Group UK (Audi, Škoda, SEAT, CUPRA, Volkswagen Passenger Cars and Volkswagen Commercial Vehicles) that are relevant to you. As part of our ongoing commitment to being transparent, we want to make you aware of an incident at a former supplier that affected some of your personal information. As a result of this incident, it is possible you might receive unwanted communications that try to gain further information from you. We’re writing to you for awareness, to share some steps we’ve taken, and to signpost actions you can take to help safeguard your data. We would like to reassure you that no sensitive or financial information was compromised. We have been working closely with our former supplier and external experts to investigate this incident. From our investigations to date we understand the affected files contained your Name, Email Address, Telephone Number and Marketing Data. We want to remind you to be vigilant about unexpected communications. This could include requests for information which could be phishing attempts or scams. For advice about how to protect your data please visit the National Cyber Security Centre website. We have notified the UK data protection regulator, the Information Commissioner’s Office (ICO), and the National Cyber Security Centre is aware. We would like to apologise, and reassure you that we take data protection extremely seriously. If you have specific queries, please contact our Customer Services Incident Team at [email protected].​

Yours faithfully, Nick Ratcliffe Customer Experience Director Volkswagen Group UK Ltd​

This email is not a marketing communication. You are receiving this communication because it contains important legal information sent from Volkswagen Group UK Ltd. For information on how we handle your personal data please see privacy statement This is an automatic message, please do not reply to this email.​

 

[Corradobrit]

Things just go from bad to badder for VW Group. What a sh!tshow of a company and thats coming from a once diehard fan of the brand. No more.

 

[KevH]

Things just go from bad to badder for VW Group. What a sh!tshow of a company and thats coming from a once diehard fan of the brand. No more.

To be fair, VW were not responsible for this leak. I would be more concerned if they had wrung their hands of it and not alerted customers.
Just saying.

 

[WelshGas]

Things just go from bad to badder for VW Group. What a sh!tshow of a company and thats coming from a once diehard fan of the brand. No more.

So a FORMER supplier has a data breach . VW inform customers of this fact and they are to blame. Did they have to inform people? VW didn't have the data breach .
This is just a fact of life in the 21st Century. The FORMER supplier are at fault/responsible for this not VW who have taken , what I consider is a responsible move, to alert people of this fact.

 

[CALIFORNIA-VW53DUB]

Unfortunately as others have said it is a sign of the times, especially in the ‘Digital Age’ and well done to VW for notifying people.........The supplier could be a well known brand, but why did VW share personal information about vehicle owners to a supplier????

If you think your phone is safe this cropped up on BBC News yesterday as well, not good reading, especially since most people have their banking apps and goodness knows what else on their smart phones....................I still use my cards and refuse to have any similar apps on my phone! More so when a person at the checkout the other day had their battery go flat and could not pay for the trolley load of shopping.

Scammers hacked her phone and stole thousands of pounds - how did they get her details?

Sue Shore told the BBC how scammers targeted her - and we found her information had been leaked online.

www.bbc.co.uk

 

[willwander]

GDPR laws in the UK mean you have to inform customers if there is a high risk that a data breach could affect them. Otherwise you could cop for a large fine.

Even though it was an external supplier it was VW data that was shared, therefore VW have a legal responsibility as a ‘data controller’ under GDPR

My GDPR training at work was very boring.

 

[KevH]

Unfortunately as others have said it is a sign of the times, especially in the ‘Digital Age’ and well done to VW for notifying people.........The supplier could be a well known brand, but why did VW share personal information about vehicle owners to a supplier????

If you think your phone is safe this cropped up on BBC News yesterday as well, not good reading, especially since most people have their banking apps and goodness knows what else on their smart phones....................I still use my cards and refuse to have any similar apps on my phone! More so when a person at the checkout the other day had their battery go flat and could not pay for the trolley load of shopping.

Scammers hacked her phone and stole thousands of pounds - how did they get her details?

Sue Shore told the BBC how scammers targeted her - and we found her information had been leaked online.

www.bbc.co.uk

It would indeed be very interesting to know who that former supplier was. It seems that our personal information is a free-flowing resource these days

 

[Aubisque]

GDPR laws in the UK mean you have to inform customers if there is a high risk that a data breach could affect them. Otherwise you could cop for a large fine.

Even though it was an external supplier it was VW data that was shared, therefore VW have a legal responsibility as a ‘data controller’ under GDPR

My GDPR training at work was very boring.

And as the data controller, the fact it was a supplier is kind of irrelevant. VW are responsible for ensuring the data is protected/retained/deleted etc no matter who is processing it or whether they are former or current.
Measures such as data protection impact assessments and third party risk assessments should have identified and mitigated data breach risks.
So as mentioned, it is VW’s problem.

 

[WelshGas]

So, how many VW owners have received this email?
I haven't .

 

[WelshGas]

I think this might be OLD news only affecting EV vehicles/Owners


A 2024 data breach impacted roughly 800,000 electric vehicle owners from Volkswagen Group brands (Volkswagen, Audi, Seat, Skoda) due to a misconfigured Amazon cloud storage system. The breach exposed sensitive data, including personal information and precise vehicle location data, which in some cases could be used to track individual routines. The vulnerability was linked to Volkswagen's software subsidiary, Cariad, and highlighted a lack of proper data encryption and security for connected vehicle information.

 

[CALIFORNIA-VW53DUB]

The email was received on the date the post was made, and copied and pasted word for word, so it is not old news to me, unless VW have taken over 18 months to inform me, which I think would be a data protection breach in itself for not doing so in a timely matter. Plus I have never owned a VW group EV. Unless it was something to do with the My VW app?

 

[WelshGas]

The email was received on the date the post was made, and copied and pasted word for word, so it is not old news to me, unless VW have taken over 18 months to inform me, which I think would be a data protection breach in itself for not doing so in a timely matter. Plus I have never owned a VW group EV. Unless it was something to do with the My VW app?

Well you seem to be the only VW Forum member that has received this email. Strange.

 

[Ghostbuster]

Well you seem to be the only VW Forum member that has received this email. Strange.

I have had one from Audi but not VW which is even stranger?

 

[dspuk]

I think it's a disgrace and I'm fundamentally outraged. This is a terible thing to happen and I cannot believe it. It's a catastrophe. What they have done is beyond the pale and I'm going to write some letters.

Err, what was the OP about again?