Location data for 800,000 cars exposed online for months
A data leak led to around 800,000 Volkswagen (VW) electric vehicles (EVs) having their location exposed online for several months, according to a report by German news magazine Der Spiegel.

The global incident impacted owners of EVs from VW, Audi, Seat, and Skoda, with real-time location showing for the affected vehicles, whether they were at home, driving along the street, or, in the words of Der Spiegel, "parked in front of the brothel."

VW collects data including GPS coordinates after a car owner sets up the VW app, which allows them to do things like preheat the car, monitor the battery charge level, and check the remaining range. This builds a data set that can then be used to create a detailed profile of someone's daily movements, Der Spiegel said.

That may already be news to some owners, but the really alarming element of this story is that due to an error, the data was publicly accessible. In fact, several terabytes of information linked to around 800,000 EVs remained exposed on Amazon's cloud storage system for several months.

Before the vulnerability was closed, Der Spiegel said it was able to reproduce it, claiming that accessing the system would not have been a significant challenge for intelligence services, spying VW competitors, criminals, or even bored teenagers. Everything was out in the open, you just had to know where to look.

The news site said that much of the vehicle data could be linked to the names and contact details of the owners, and in some cases included email addresses, home addresses, and cell phone numbers.

The error reportedly occurred because a VW subsidiary called Cariad, which created a software platform for the auto group's EVs, failed to notice an error that entered the system last summer.
In fact, the breach only came to light after a whistleblower alerted Der Spiegel and also the Chaos Computer Club.

The news report lists a number of scenarios where the data, if it fell into the wrong hands, could be utilized for nefarious purposes. Foreign intelligence operatives, for example, could track politicians or other targets, while blackmailers could go after individuals found to be visiting places that they'd rather keep secret.

Asked by Der Spiegel about the collection of driver information, Cariad said that it collects pseudonymized data on customers' charging behavior and habits, using it to improve batteries and the associated software.

It added that following the data exposure, customers are not required to take any action, insisting that no sensitive information such as passwords or payment details are affected. It added that owners can choose whether they use VW products and services that require the processing of personal data, as all vehicles with online functions offer a deactivation option.

VW has yet to comment publicly on the incident. Digital Trends has contacted the automaker and will update this article when we hear back.

The incident highlights the ongoing issue of data collection by automakers, which has been made possible by advances in connectivity and sensor technology in modern vehicles. "Cars really seem to have flown under the privacy radar," the research lead of a study on the matter said last year.