A new report highlights that electric car charging stations can be easily hijacked by hackers. In addition to free top-ups, more serious risks such as the failure of the electricity network and the theft of personal data are mentioned.
A 2025 report from the firm Upstream warns about the security charging stations for electric cars. These are in fact the growing target of cyberattacks – which are increasingly targeting the entire electric car ecosystem. In its report, the firm lists, among other things, for the year 2024 alone, around a hundred ransomware attacks and more than 200 data thefts.
Charging stations are, in fact, computer systems like any other. Except that the devices are permanently available to the public, outdoors, and collect a vast amount of personal data. The report illustrates this emerging cybersecurity risk with the discovery, during the month of November last year, of a data leak for sale on the dark web.
Charging stations, an underestimated cybersecurity risk
A file listing some 116,000 electric vehicle owners, obtained through the hacking of several charging points. Personal data, including the vehicle's serial number, as well as the charging location. Security flaws targeting certain models of terminals would be sufficient to inject various malware into them.
A problem that could have more serious consequences, since these terminals could be used to carry out attacks on “the entire network” of a charging station operator, according to the authors of the report. With, as a result, various serious consequences, ranging from the injection of malware into cars connected to terminals, to the destabilization of entire portions of the electricity grid.
In the news, including in France, we have already cybercriminals have seen them hijack QR codes on charging stations to directly steal banking data. But hacking the computer systems of the stations themselves would allow us to go much further. The founder of Driveco, quoted by our colleagues at 20 Minutes, explains, for example, that hackers are likely to succeed in “triggering free recharges or cloning customer badges”.
For now, the ball is mainly in the court of the terminal manufacturers and operators. Although customers are also urged to be vigilant, especially when they discover a strange QR code affixed to a charging station. on a terminal or that the interface offered by an operator does not correspond to what they are used to seeing displayed on their mobile device.
0 Comments