EV Charger Biz ELECQ Zapped by Ransomware Crooks, Customer Contact Data Stolen

The ransomware intrusion that hit ELECQ last week is a stark reminder that the rapid growth of electric‑vehicle charging networks is outpacing the security controls protecting their back‑end systems. By exploiting the company's Amazon Web Services environment, threat actors were able to encrypt critical databases while simultaneously exfiltrating customer contact information. Such attacks have become commonplace across cloud‑dependent businesses, where misconfigured access keys or unpatched services provide an easy foothold. For the EV industry, which relies on seamless connectivity to manage charging sessions, any breach erodes trust in the digital infrastructure that underpins the transition to clean mobility.

The compromised data set—names, email addresses, phone numbers and home addresses—does not include payment details, but it is sufficient for sophisticated social‑engineering campaigns. Hackers can combine this information with publicly available records to craft convincing phishing emails, identity‑theft schemes, or even physical‑theft attempts targeting residential chargers. European regulators, notably the UK ICO and Germany’s BfDI, have been notified, triggering mandatory breach reporting under GDPR. The incident underscores the heightened liability that EV‑charging providers face when personal data crosses borders, prompting tighter compliance audits and potential fines.

ELECQ’s immediate response—isolating affected servers, restoring from backups, disabling remote‑access protocols and hiring external forensic experts—aligns with industry best practices for incident containment. However, the episode highlights the need for continuous hardening of cloud environments, including zero‑trust network architectures, regular penetration testing, and automated credential rotation. As investors and consumers scrutinize the security posture of EV‑charging firms, companies that can demonstrate robust cyber‑resilience will gain a competitive edge. The breach may accelerate adoption of standardized security frameworks across the sector, reinforcing confidence in the broader electrification ecosystem.