Volkswagen Group France Hit by Qilin Ransomware Attack, 150GB of Data Stolen
The cybercriminal group Qilin has claimed responsibility for a ransomware attack on Volkswagen Group France, compromising approximately 150 gigabytes of sensitive data. The stolen files include personal information of vehicle owners such as names, addresses, and email addresses as well as detailed vehicle data, including model designations, chassis numbers, and license plates. Additionally, the attackers allege the breach contains confidential business and employee records.
As proof, Qilin published six documents on their leak platform on October 14, listing Volkswagen Group France as their latest victim. The company, headquartered in Villers-Cotterêts, oversees sales and marketing for multiple Volkswagen Group brands in France, including Audi, SEAT, CUPRA, ŠKODA, and VW Commercial Vehicles.
This incident is part of a broader surge in cyberattacks targeting the automotive industry. In late August, Jaguar Land Rover was forced to shut down IT systems and halt production after a similar attack, while BMW was reportedly breached by the Everest ransomware group in September. The sector remains a prime target for extortionists due to its reliance on interconnected systems and valuable customer data.
Source: https://www.it-daily.net/shortnews-en/volkswagen-hit-ransomware-attack/?nocache=1770151394
Volkswagen France cybersecurity rating report: https://www.rankiteo.com/company/volkswagen-france
BMW France cybersecurity rating report: https://www.rankiteo.com/company/bmwfrance
"id": "VOLBMW1770601965",
"linkid": "volkswagen-france, bmwfrance",
"type": "Ransomware",
"date": "10/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'automotive',
'location': 'Villers-Cotterêts, France',
'name': 'Volkswagen Group France',
'type': 'corporation'}],
'data_breach': {'data_exfiltration': 'yes',
'personally_identifiable_information': ['names',
'addresses',
'email addresses',
'vehicle chassis '
'numbers',
'license plates'],
'sensitivity_of_data': 'high',
'type_of_data_compromised': ['personal information',
'vehicle data',
'business records',
'employee records']},
'date_publicly_disclosed': '2023-10-14',
'description': 'The cybercriminal group Qilin has claimed responsibility for '
'a ransomware attack on Volkswagen Group France, compromising '
'approximately 150 gigabytes of sensitive data. The stolen '
'files include personal information of vehicle owners, '
'detailed vehicle data, and confidential business and employee '
'records.',
'impact': {'brand_reputation_impact': 'high',
'data_compromised': '150GB',
'identity_theft_risk': 'high'},
'motivation': 'extortion',
'ransomware': {'data_exfiltration': 'yes', 'ransomware_strain': 'Qilin'},
'references': [{'date_accessed': '2023-10-14',
'source': 'Qilin leak platform'}],
'threat_actor': 'Qilin',
'title': 'Volkswagen Group France Hit by Qilin Ransomware Attack',
'type': 'ransomware'}