Cybercrime is on the rise amid the rapid global adoption of electric vehicles (EVs) and the increased network connectivity that accompanies it. Attacks on charging infrastructure, in particular, pose a serious risk to both operators and users, potentially leading to data breaches and software manipulation. Ramping up cybersecurity for EVs and charging stations is now more critical than ever.
The Growing Importance of EV Charging Cybersecurity
The Argonne National Laboratory reported a 14% year-over-year sales increase of hybrid EVs and a 34.7% increase in plug-in vehicle sales in September 2025. With the increasing number of people purchasing EVs, there is a growing demand for public and private charging infrastructure, which governments and private corporations have been investing in.
Hackers have set their sights on EV charging stations in search of personal information, fraud attempts and ransom payments. For example, a 2023 ransomware attack on a prominent charging network provider shut down charging stations in Europe and the United States. While the impacted business found a way to restore power without giving attackers the requested cryptocurrency payments, the same does not occur in other cases.
Some of the most common EV charging cyberattacks include:
QR quishing and phishing: Threat actors place malicious QR codes on stations, prompting users to add their information or make a payment.
Threat actors place malicious QR codes on stations, prompting users to add
TPRM report: https://www.rankiteo.com/company/driivz
"id": "dri1764345784",
"linkid": "driivz",
"type": "Ransomware",
"date": "01/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': None,
'industry': 'electric vehicle (EV) '
'charging infrastructure',
'location': ['Europe', 'United States'],
'name': 'Unnamed prominent EV charging '
'network provider',
'size': None,
'type': 'private corporation'}],
'attack_vector': ['malicious QR codes (QR quishing)',
'phishing',
'ransomware'],
'data_breach': {'data_encryption': None,
'data_exfiltration': None,
'file_types_exposed': None,
'number_of_records_exposed': None,
'personally_identifiable_information': True,
'sensitivity_of_data': 'high',
'type_of_data_compromised': ['personal '
'information']},
'description': 'A ransomware attack targeted a prominent EV '
'charging network provider in 2023, shutting down '
'charging stations across Europe and the United '
'States. The attackers demanded cryptocurrency '
'payments, but the company restored operations '
'without paying the ransom. The incident '
'highlights the growing threat of cyberattacks on '
'EV charging infrastructure, including QR '
'quishing, phishing, and data breaches aimed at '
'stealing personal information or committing '
'fraud.',
'impact': {'brand_reputation_impact': 'potential damage due to '
'service disruption',
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': ['personal information'],
'downtime': 'temporary shutdown of charging stations',
'financial_loss': None,
'identity_theft_risk': 'high (personal information '
'targeted)',
'legal_liabilities': None,
'operational_impact': 'disruption of charging '
'services',
'payment_information_risk': 'high (fraud attempts via '
'malicious QR codes)',
'revenue_loss': None,
'systems_affected': ['EV charging stations (Europe '
'and US)']},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': ['malicious QR codes on '
'charging stations',
'phishing'],
'high_value_targets': ['personal '
'information',
'payment data'],
'reconnaissance_period': None},
'lessons_learned': 'The incident underscores the urgent need for '
'enhanced cybersecurity measures in EV '
'charging infrastructure, including '
'protection against phishing, QR quishing, '
'and ransomware attacks. Operators must '
'prioritize securing user data and ensuring '
'operational resilience.',
'motivation': ['financial gain (ransom payments)',
'fraud',
'data theft'],
'post_incident_analysis': {'corrective_actions': None,
'root_causes': ['Inadequate '
'protection against '
'phishing and QR '
'quishing attacks.',
'Lack of robust '
'ransomware defenses '
'in charging '
'infrastructure.']},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': 'cryptocurrency (amount '
'unspecified)',
'ransom_paid': False,
'ransomware_strain': None},
'recommendations': ['Implement multi-factor authentication (MFA) '
'for charging station access.',
'Deploy endpoint detection and response '
'(EDR) solutions to monitor for malicious '
'activity.',
'Educate users about phishing and QR '
'quishing risks.',
'Regularly audit and update security '
'protocols for charging networks.',
'Establish incident response plans tailored '
'to ransomware and data breach scenarios.'],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': None,
'containment_measures': ['restored power without '
'paying ransom'],
'enhanced_monitoring': None,
'incident_response_plan_activated': True,
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'title': 'Ransomware Attack on EV Charging Network Provider '
'(2023)',
'type': ['ransomware', 'data breach', 'fraud']}