Data Breaches

Skoda Data Breach Hits Online Shop Customers

Using a vulnerability in the portal, hackers accessed names, addresses, email addresses, and phone numbers.

Published

Car hacking

Automobile manufacturer Skoda has disclosed a data breach impacting the personal information of its online shop’s users.

The incident, the company says, was discovered as part of its technical security monitoring and was the result of a vulnerability in the portal’s software.

Immediately after learning of the cyberattack, the car maker took the shop offline, patched the exploited vulnerability, reviewed existing security mechanisms, and retained external forensics experts to help with the investigation. It also notified the relevant authorities.

The hackers, it explains, exploited the bug to access the shop system and accessed data processed through it, including customer names, addresses, email addresses, phone numbers, order details, and information on user accounts.

According to Skoda, password hashes were also accessed as part of the breach, but no credit card data was compromised, as these details are processed exclusively through payment service providers and not stored on its systems.

The car maker says that the protocols it has in place make it impossible to determine if and to what extent data was exfiltrated from its servers. The company has yet to disclose how many individuals were potentially affected. 

Advertisement. Scroll to continue reading.

Skoda says it has no evidence that the potentially compromised data might have been misused, but tells users to remain vigilant for phishing messages and unauthorized account logins.

The company also recommends that users change their passwords, especially if used with multiple accounts across different services, and refrain from disclosing personal information or clicking on links in communication that refers to their relationship with Skoda.

Established in 1896 in the Czech Republic, Skoda has been a wholly owned subsidiary of Volkswagen Group since 2000. Skoda cars are sold in over 100 countries.

Related: AI Firm Braintrust Prompts API Key Rotation After Data Breach

Related: Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats

Related: Vimeo Confirms User and Customer Data Breach

Related: Luxury Cosmetics Giant Rituals Discloses Data Breach

In this article:,

Related Content

supply chain threat

Data Breaches

More Klue Breach Victims Identified as Hackers Get Hacked

Roughly two dozen companies have notified their customers of the Klue-Salesforce incident impact.

5 hours ago

Data Breaches

BeyondTrust, LastPass Impacted by Klue-Salesforce Incident

Over a dozen Klue customers have confirmed that hackers stole data from their Salesforce instances.

2 days ago

Data Breaches

Canadian Electricity Provider London Hydro Discloses Data Breach

Hackers stole customers’ names, addresses, email addresses, phone numbers, and account information.

3 days ago

Data Breaches

Xsolis Data Breach Affects 1.4 Million Individuals

Threat actors gained access to personal and protected health information that Xsolis received from its clients.

4 days ago

Data Breaches

More Cybersecurity Firms Disclose Impact From Klue Hack

HackerOne, Huntress, Jamf, OneTrust, Recorded Future, Snyk, and Tanium are among the affected Klue customers.

4 days ago

Data Breaches

Texas Parks & Wildlife Data Breach Affects 3 Million Individuals

Hackers stole personal information after breaching the systems of a third-party license vendor serving TPWD.

5 days ago

Data Breaches

Kodak Admits Data Breach After ShinyHunters Hack Claims

Kodak told SecurityWeek it believes there is no threat to its systems or operations as a result of the cybersecurity incident.

June 18, 2026

Data Breaches

iRhythm Confirms Data Stolen in Hack

The digital health company said it learned of the breach on June 8 and the attackers demanded a ransom.

June 16, 2026

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version