Škoda has disclosed a cybersecurity incident affecting customers of its online store after attackers exploited a vulnerability in the platform’s software and gained unauthorized access to customer information.
According to the automaker, the breach was discovered during internal security monitoring, prompting the company to immediately take the affected online shop offline and begin a forensic investigation. In an official statement published by Škoda Germany, the company said the attackers exploited a security flaw in third-party software used by the online store platform.
Škoda confirmed that the exposed data may include customer names, addresses, email addresses, phone numbers, order information, and account-related details associated with purchases made through the online shop. Password hashes tied to customer accounts were also accessed during the incident.
The company stated that payment card information was not affected because payment transactions are handled separately through external payment service providers. According to Škoda, no complete payment card details are stored within the compromised online store systems.
One of the more serious issues highlighted in the disclosure is that investigators cannot determine whether customer data was actually downloaded or exfiltrated by the attackers. Škoda explained that existing logging systems do not allow the company to fully reconstruct what actions were performed after the attackers gained access.
Because password hashes were exposed, Škoda is urging customers to immediately change their passwords, particularly if the same credentials were reused on other websites or services. The company also warned users to remain alert for phishing emails, fake order confirmations, fraudulent customer support messages, or other scams that may attempt to exploit the leaked information.
Škoda said the affected online store has now been restored after patches and additional security measures were implemented. The company also confirmed that external cybersecurity specialists are continuing to investigate the incident and review the affected infrastructure.
At this stage, Škoda has not disclosed how many customers may have been impacted by the breach. The company also has not identified the attackers responsible or stated whether any ransom or extortion demands were made following the intrusion.