Ransomware Hits EV Charger Maker, Customer Data Exposed

ELECQ, a company that makes smart electric vehicle (EV) chargers, has warned customers that a recent ransomware attack on its cloud infrastructure may have exposed personal data including names and home addresses. The firm says attackers encrypted and copied user data stored on its Amazon Web Services (AWS) platform.

The incident was disclosed in an advisory that describes an unauthorized actor gaining access to the company’s cloud environment. According to ELECQ, the intruders both encrypted files—disrupting normal operations—and exfiltrated certain datasets before the company regained control of its systems.

Initial communications from ELECQ indicate the scope of the exposed information is focused on identity and contact details rather than financial data or passwords. The company is reaching out directly to potentially affected customers and urging them to monitor account activity and communications for signs of fraud or phishing attempts.

ELECQ has engaged external cybersecurity experts to perform forensic analysis and remediation, and it says it is coordinating with AWS to trace how the attackers gained access. The company did not immediately provide a full tally of impacted accounts or say whether a ransom demand had been made.

While EV infrastructure increasingly relies on cloud services for device management and telemetry, this event is a reminder that such integrations expand the attack surface. Customers running smart chargers with home integrations should review device permissions and consider basic protections such as unique account passwords, two-factor authentication where available, and keeping device firmware current.

ELECQ said it is working to restore normal service and will update affected users as investigations progress. If you use a connected EV charger from any vendor, it’s a good moment to check what personal details are stored in vendor portals and to enable any available security features.