SKODA has disclosed a data breach affecting the personal information of users of its online shop. The incident, discovered as part of the company’s technical security monitoring, resulted from a vulnerability in the portal’s software. Immediately after learning of the cyberattack, Skoda took the shop offline, patched the exploited vulnerability, reviewed existing security mechanisms, and retained external forensics experts to help with the investigation, while notifying the relevant authorities.
The hackers accessed data processed through the shop system, including customer names, addresses, email addresses, phone numbers, order details, and information on user accounts; according to Skoda, password hashes were also accessed. The car maker says that it cannot determine if or to what extent data was exfiltrated, and it has not disclosed how many individuals were potentially affected.
It has no evidence that the compromised data has been misused, but it advises users to be vigilant for phishing and unauthorised logins and to change passwords, especially where they are used across multiple services. 11 May 2026.