Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Volkswagen Group

Volkswagen Group Vendor Cyber Rating & Cyber Score

volkswagenag.com

The Volkswagen Group with its headquarters in Wolfsburg is one of the world’s leading automobile manufacturers and the largest carmaker in Europe. The Group is made up of ten brands from seven European countries: Volkswagen, Volkswagen Nutzfahrzeuge, ŠKODA, SEAT, CUPRA, Audi, Lamborghini, Bentley, Porsche and Ducati. Our group sells vehicles in 153 countries and operates 114 production plants worldwide. Each working day, around 675,000 employees worldwide produce cars, are involved in vehicle-related services or work in the other fields of business. Our goal is to make mobility sustainable for us and for future generations. Our promise: With electric drive, digital networking and autonomous driving, we make the automobile clean, quiet,


Volkswagen Group A.I CyberSecurity Scoring

Volkswagen Group
Company Information
Website:https://www.volkswagenag.com/en.html
Employees number:107,796
Number of followers:1,760,391
NAICS:3361
Industry Type:Motor Vehicle Manufacturing
Homepage:volkswagenag.com
Volkswagen Group Risk Score (AI oriented)
Between 650 and 699
logo
Volkswagen GroupMotor Vehicle Manufacturing
Updated:
08/04/2026
673/1000
Weak
B
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Volkswagen Group Global Score (TPRM)
xxxx
logo
Volkswagen GroupMotor Vehicle Manufacturing
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Volkswagen Group
Volkswagen GroupWeak
Current Score
673B (WEAK)
01000
2 incidents
-115 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
684Before Incident
JUNE 2026
683Before Incident
MAY 2026
678Before Incident
APRIL 2026
673Before Incident
MARCH 2026
672Before Incident
FEBRUARY 2026
668Before Incident
JANUARY 2026
664Before Incident
DECEMBER 2025
657Before Incident
NOVEMBER 2025
767Before Incident
Ransomware
07 Nov 2025Volkswagen Group
Kawasaki Motors Europe, Volkswagen, Toyota, Avis Rent a Car, Jaguar Land Rover, Nissan and Scania: Major Cyber Attacks Targeting the Automotive Industry 2025

Cyberattacks Surge in the Automotive Industry: Key Incidents from 2024–2025

652After Incident
CRITICAL-115
NISSCATOYVOLKAWAVIJAG1775680268
Cyberattacks Surge in the Automotive Industry: Key Incidents from 2024–2025 The automotive sector has become a prime target for cybercriminals, with attacks ranging from ransomware extortion to large-scale data breaches exposing sensitive customer and operational data. Between 2024 and 2025, major automakers, suppliers, and rental companies faced significant disruptions, underscoring the industry’s vulnerability to digital threats. ### Dark Web Trends: U.S. Dominates as Top Target Dark web activity reveals the U.S. as the most discussed and targeted market, accounting for 23% of automotive-related posts, followed by France (8%) and India (7%). While automobile dealers represent less than 1% of dark web chatter, broader sectors like finance, retail, and technical services many tied to automotive operations remain high-risk targets. ### Major Breaches and Ransomware Attacks - Avis Rent a Car (August 2024): Hackers accessed a business application, exposing 299,006 customers’ personal data, including driver’s licenses, credit card details, and contact information. - Toyota (2024–2025): A third-party breach led to the leak of 240GB of data, including employee records, financial documents, and network credentials. The ZeroSevenGroup claimed responsibility, using ADRecon to map Active Directory environments. Toyota emphasized its systems were not directly compromised. - Kawasaki Motors Europe (September 2024): The RansomHub group stole 487GB of sensitive data after a failed ransomware attack, later dumping the files online when Kawasaki refused to pay. - Volkswagen’s Cariad (November 2024): A cloud misconfiguration exposed terabytes of data, including geolocation records from 800,000 vehicles, some linked to German police and intelligence personnel. Researchers traced the breach to an unsecured AWS memory dump. - Hertz (February 2025): The Clop ransomware gang exploited vulnerabilities in Cleo software, accessing customer data between October–December 2024. Over 3,400 Maine residents were affected, though the full scope remains undisclosed. - Scania (May 2025): Hackers stole insurance claim documents using compromised credentials from an IT partner, later attempting extortion. The data was later offered for sale on the dark web. - Cycle & Carriage (July 2024): A Singapore-based dealer suffered a breach affecting 147,000 customers, with 2% of records containing NRIC numbers and deposit details. - Nissan’s Creative Box Inc. (August 2025): The Qilin ransomware gang stole 4TB of design data, including 3D car models and internal documents, threatening to leak them to competitors. - Jaguar Land Rover (August–September 2025): A cyberattack forced the automaker to halt production at multiple plants, disrupting shipments and dealership operations. While no customer data was compromised, the incident caused widespread operational delays. ### Impact and Industry Response These incidents highlight the automotive sector’s expanding attack surface, from third-party vulnerabilities to cloud misconfigurations and ransomware extortion. Companies have responded with containment measures, forensic investigations, and enhanced security protocols, but the frequency and severity of attacks continue to rise. The financial and operational fallout including production halts, data leaks, and reputational damage underscores the urgent need for stronger cybersecurity defenses across the industry.
INCIDENT DETAILS -
TYPE
ransomwaredata breachthird-party breachcloud misconfiguration
MOTIVATION
extortiondata theftfinancial gaincompetitive advantage
IMPACT
personal dataemployee recordsfinancial documentsnetwork credentialsgeolocation recordsinsurance claim documents3D car modelsinternal documentsbusiness applicationscloud storageproduction systemsproduction haltsoperational delaysproduction disruptionsshipment delaysdealership operationsreputational damagedriver’s licensescredit card detailsNRIC numberscredit card details
DATA BREACH
personal dataemployee recordsfinancial documentsnetwork credentialsgeolocation recordsinsurance claim documents3D car modelsinternal documents299,006 (Avis)240GB (Toyota)487GB (Kawasaki)terabytes (Volkswagen)4TB (Nissan)highYesYes (ransomware cases)driver’s licensescredit card detailsNRIC numbers3D car modelsdesign documentsdriver’s licensescredit card detailsNRIC numberscontact information
OCTOBER 2025
767Before Incident
SEPTEMBER 2025
765Before Incident
AUGUST 2025
764Before Incident
SEPTEMBER 2024
812Before Incident
Ransomware
01 Sep 2024Volkswagen Group
Volkswagen

Volkswagen Ransomware Attack by 8BaseVocus Email System Hack and SIM Swap IncidentSotheby’s Data Breach DisclosureMango Third-Party Marketing Data Breach

749After Incident
CRITICAL-63
VOL2332623102225
Volkswagen, a leading global automaker, fell victim to a ransomware attack by the group 8Base in September 2024. The attackers claimed to have breached Volkswagen’s systems, exfiltrating confidential files—including invoices, accounting records, employee files, contracts, certificates, and confidentiality agreements—before threatening to leak them on their dark web site. While Volkswagen asserted its core IT infrastructure remained unaffected, the incident raised concerns about potential third-party system compromises and the broader scope of the breach. The attack employed Phobos ransomware and double-extortion tactics, heightening risks of data exposure and operational disruption. The leaked information, though not immediately publicized, included sensitive internal documents, posing reputational and financial threats. The limited transparency in Volkswagen’s response further fueled speculation about the attack’s true impact on supply chain dependencies and partner ecosystems.
INCIDENT DETAILS -
TYPE
Ransomware & MalwareHacking (Email Compromise & SIM Swap)Hacking (Data Breach)Third-Party Data Breach
MOTIVATION
Financial gain (ransom & data sale)Credential theft, secondary attacks (SIM swaps)Theft of PII for fraud/saleData theft (likely for resale or targeted phishing)
IMPACT
Invoices, accounting records, employee files, contracts, certificates, confidentiality agreementsEmail account contents (1,600 accounts), SIM swap data (34 accounts)Names, Social Security numbers, financial account detailsFirst names, country, postal code, email addresses, phone numbersLimited (non-core IT infrastructure; possible third-party systems)Business email system, Dodo Mobile SIM servicesThird-party marketing service provider systemsTemporary suspension of certain servicesPotential supply chain disruption (third-party compromise)Service disruptions (SIM swaps, email access)Customer trust erosion, reputational damageLikely (due to SIM swaps and email access)Potential (due to exposed personal data)Moderate (questions about third-party security)Moderate (email/SIM swap vulnerabilities exposed)High (PII breach erodes trust in luxury brand)Moderate (third-party breach but no financial data lost)Potential (PII exposure under data protection laws)Potential (GDPR violations for EU customer data)Low (email/SIM data only)High (SSNs and financial data exposed)Low (no sensitive PII compromised)High (financial account details exposed)
DATA BREACH
Confidential business files (invoices, contracts, employee data)High (internal corporate documents)PDFDOCXXLSXTXTEmail contents, SIM swap metadata1,600 (emails) + 34 (SIM swaps)Medium (email contents, phone access)EMLLog filesPII (names, SSNs, financial accounts)Very HighCustomer contact data (names, emails, phone numbers)Low-MediumCSVDatabase dumps

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Volkswagen Group ?
?
What was Volkswagen Group's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Volkswagen Group's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Volkswagen Group's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Volkswagen Group's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Volkswagen Group's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Volkswagen Group's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Volkswagen Group's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Volkswagen Group's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Volkswagen Group's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Volkswagen Group's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Volkswagen Group's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Volkswagen Group's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Volkswagen Group ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Volkswagen Group's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?