Volkswagen A.I CyberSecurity Scoring
Volkswagen
Company Information
Website:https://www.volkswagen-newsroom.com/en
Employees number:11,595
Number of followers:705,364
NAICS:3361
Industry Type:Motor Vehicle Manufacturing
Homepage:volkswagen-newsroom.com
Volkswagen Risk Score (AI oriented)
Between 650 and 699
VolkswagenMotor Vehicle Manufacturing
Updated:
26/06/2026
26/06/2026
654/1000
Weak
B
Volkswagen Global Score (TPRM)
xxxx
VolkswagenMotor Vehicle Manufacturing
Score locked

VolkswagenWeak
Current Score
654B (WEAK)
01000
2 incidents
-89.5 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
653
JUNE 2026
653
MAY 2026
657
APRIL 2026
653
MARCH 2026
648
FEBRUARY 2026
749
JANUARY 2026
749
DECEMBER 2025
748
NOVEMBER 2025
746
OCTOBER 2025
740
Ransomware
19 Oct 2025 • Volkswagen
Lamborghini, Volkswagen Group, Porsche, Bentley, Škoda, SEAT and Audi: Volkswagen Allegedly Hit by Ransomware Attack as 8Base Claims Sensitive Data Theft
Volkswagen Faces Data Extortion Threat from 8Base Ransomware Group
628
CRITICAL-112
SEASKOBENPORVOLAUTVOL1770202467
Volkswagen Faces Data Extortion Threat from 8Base Ransomware Group
Volkswagen Group is responding to claims by the ransomware group 8Base, which alleges it stole and leaked sensitive data from the automaker. While Volkswagen maintains that its core IT infrastructure remains unaffected, the company’s statement leaves uncertainty about the full extent of the breach, suggesting a possible third-party compromise.
The 8Base ransomware operation, active since early 2023, surfaced in September 2024 with claims of a major breach at Volkswagen. Known for its Phobos ransomware variant and double-extortion tactics, the group asserted it exfiltrated confidential files on September 23, 2024, threatening public release by September 26. Though no leaked samples appeared by the deadline, 8Base listed the stolen data on its dark web site, including:
- Invoices and receipts
- Accounting documents
- Employee personal files and contracts
- Confidentiality agreements
- Certificates and personnel records
The breach could involve financial and personal data across Volkswagen’s global operations, affecting brands such as Audi, Porsche, Bentley, Lamborghini, Škoda, SEAT, and Cupra.
Security experts note that 8Base operates primarily as a data extortion group, prioritizing theft over encryption to pressure victims into payment. Since its emergence, the group has targeted over 400 organizations, often gaining access via phishing or purchased credentials.
Volkswagen, headquartered in Wolfsburg, Germany, confirmed awareness of the incident but emphasized that primary IT systems were not impacted, hinting at a potential supply chain or partner breach. With 153 production plants worldwide and hundreds of thousands of employees, the exposure of sensitive data raises GDPR compliance concerns, with potential fines of up to 4% of global revenue if confirmed.
The incident highlights the growing risk of third-party vulnerabilities in critical industries like automotive manufacturing. Investigations remain ongoing.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
OCTOBER 2025
807
Ransomware
04 Oct 2025 • Volkswagen
Dimensional Control Systems (DCS)
Ransomware Attack on Dimensional Control Systems (DCS) by J Group
740
CRITICAL-67
DIM4992449100425
A ransomware group, J Group, claimed a major breach of Dimensional Control Systems (DCS), a Michigan-based provider of dimensional engineering software critical to manufacturing giants like Boeing, Samsung, Volkswagen, and Airbus. The attackers allegedly exfiltrated 11GB of sensitive data, including financial records, employee information, and proprietary operational documents, posting samples on the dark web as leverage for ransom demands. The breach poses severe risks to supply chain security, potentially exposing intellectual property (e.g., aerospace designs, manufacturing tolerances) and disrupting operations for high-profile clients. Boeing’s involvement raises national security concerns due to its defense contracts, while Samsung’s prior breaches compound vulnerabilities. Though DCS has not publicly confirmed the attack, cybersecurity experts warn of cascading risks—including regulatory fines (e.g., GDPR for Volkswagen), legal actions, and reputational damage—if client data was compromised. The incident underscores the growing threat of third-party vendor attacks, where a single breach can jeopardize an entire industrial ecosystem.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
SEPTEMBER 2025
806
AUGUST 2025
806
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Volkswagen ??
What was Volkswagen's A.I Rankiteo Cyber Score in June 2026 ??
What was Volkswagen's A.I Rankiteo Cyber Score in May 2026 ??
What was Volkswagen's A.I Rankiteo Cyber Score in April 2026 ??
What was Volkswagen's A.I Rankiteo Cyber Score in March 2026 ??
What was Volkswagen's A.I Rankiteo Cyber Score in February 2026 ??
What was Volkswagen's A.I Rankiteo Cyber Score in January 2026 ??
What was Volkswagen's A.I Rankiteo Cyber Score in December 2025 ??
What was Volkswagen's A.I Rankiteo Cyber Score in November 2025 ??
What was Volkswagen's A.I Rankiteo Cyber Score in October 2025 ??
What was Volkswagen's A.I Rankiteo Cyber Score in September 2025 ??
What was Volkswagen's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Volkswagen's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Volkswagen ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Volkswagen's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?