Image Source : China Visual

BEIJING, December 20 (TMTPOST) —— Chinese new energy car brand NIO said on Tuesday it was blackmailed by hackers who claimed to have some of NIO customers' personal information and operation information of the company and asked for US$2.25 million worth of Bitcoin.

The leaked data includes 22,800 pieces of internal employee data, 399,000 pieces of car owner ID data, 650,000 pieces of user address data, and 4.85 million pieces of registered user data.

The data is sold in Bitcoin, such as 0.15 bitcoin for 22,800 pieces of employee data and 0.25 bitcoin for 39,900 pieces of car owner ID data.

After the news was exposed, Lu Long, Chief Scientist and Global Head of Digital Safety & Security at NIO stated that user data was leaked.

According to the statement, NIO learned of the internal data breach on Dec. 11 and was extorted $2.25 million in bitcoins. According to a preliminary investigation, the stolen data included users' basic information and vehicle sales information before August 2021.

NIO said that after receiving the email, the company set up a special team to investigate and report the incident to the relevant regulatory authorities immediately. It apologized for the data leak and promised to take responsibility for any losses caused by the incident.

The company will also continue to strengthen its cyber security to avoid future data breaches and protect customers' data, according to the announcement.

This is not the first time NIO has been caught in a data leak. As early as 2019, some verified car reviewers on Weibo published a post accusing NIO of recording car owners' activities to collect users' data and leaking private journey information.

When cars are becoming smart and electrified, data security is particularly important, which not only involves user privacy protection but also property security, personal safety, and public safety. Once vehicle data is leaked or controlled remotely, it will seriously harm the personal and property safety of users.