Nio hit by data breach: car owners' information for sale online

Peng Chen, DIGITIMES Asia, Taipei 0

Credit: AFP

China-based EV maker Nio recently suffered a data breach. Hackers obtained the personal information of Nio vehicle owners and employees, demanding the company to pay US$2.25 million worth of bitcoin. The company apologized to its users on December 20, saying it will not give in to cybercrime.

According to CnEVPost, a post about hackers saying they have got tons of Nio's internal data circulated online on Tuesday. They asked the EV maker twice to pay the ransom to keep the information safe but were turned down.

The hackers claimed to hold personal data regarding Nio's employees and car owners, including their addresses. They also have information about orders and vehicle owners' loans.

In response, Nio issued a statement on its APP yesterday. The company said it received an email on December 11 demanding US$2.25 million worth of bitcoin to secure the data.

Nio said it had set up a task force to investigate and react to the incident, reporting it to law enforcement. According to its preliminary investigation, the data breach involved part of users' personal information and car sales data before August 2021.

Following the announcement, William Li, Nio's founder and CEO, apologized to its users on Tuesday late at night. He said the company will take responsibility for users' losses resulting from the incident.

Li also said Nio will not give in to the hackers. It will work with law enforcement to investigate the data breach and the illegal sale online.

Lu Long, the company's chief information security scientist and head of the information security committee, said the breach did not involve any data generated when a car was in use, including the driving track. It also did not impact the driving or remote control of a vehicle.

He added that the company is still investigating the incident, including the reasons and the impact.