**Škoda Auto**, the Czech car manufacturer with over 34,000 employees, has disclosed a data breach impacting customers of its online shop. The company, reporting sales of over €27 billion in 2025, revealed that attackers exploited an unspecified vulnerability in its e-commerce portal. ### Incident Details According to **Škoda**, the attackers gained unauthorized access to the online store by exploiting a flaw in the standard software used for the platform. Upon detection, **Škoda** reported the incident to relevant authorities and has since patched the exploited vulnerability. "As part of our technical security monitoring, we discovered that unauthorized individuals had exploited a vulnerability in the standard software used for our online store. This allowed them to temporarily gain unauthorized access to the store system," **Škoda** stated. The company has engaged a specialized IT forensics team to conduct a technical analysis of the incident and has notified the appropriate data protection supervisory authority. ### Compromised Data The customer information accessed includes a combination of: * Names * Addresses * Contact information (email addresses) * Phone numbers * Order information * Login credentials (email address and cryptographic hash of passwords) **Škoda** clarified that full credit card details were not stored on the compromised systems, mitigating the risk of financial data exposure. "Full credit card details are not stored in the shop system but are processed exclusively by the respective payment service providers. Based on current information, direct access to full credit card details was not possible," the company explained. ### Mitigation and Warnings While **Škoda** has stated they have no evidence of misuse of the accessed data, they are warning affected customers about potential phishing attacks and credential stuffing attempts. Customers are advised to be vigilant regarding suspicious emails, text messages, or phone calls related to **Škoda** or online store orders. **Škoda** advises, "In the coming weeks, please be extra vigilant regarding emails, text messages, or phone calls that refer to your relationship with **Škoda** or to orders placed in the online store, especially if you are asked to enter login credentials, disclose confidential information, or click on links. It is also advisable to check your bank statements and credit card bills as usual and to immediately notify your bank or the relevant payment service provider if you notice anything unusual." ### Automotive Industry Under Attack This breach follows similar incidents affecting other car manufacturers. **Renault** and **Dacia** UK disclosed a data breach in October impacting UK customers. Prior to that, **Jaguar Land Rover (JLR)** suffered a cyberattack that significantly disrupted production and cost the company over $220 million.  ## [99% of What Mythos Found Is Still Unpatched.](https://hubs.li/Q04crVgD0) AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming. At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what's exploitable, proves controls hold, and closes the remediation loop. [Claim Your Spot](https://hubs.li/Q04crVgD0)