Digital Charging Solutions GmbH (DCS), a leading provider of white-label charging services for automotive OEMs and fleet operators, has confirmed a data breach affecting a limited number of its customers.
DCS disclosed that unauthorized access to personal data occurred in the course of its customer-support processes. The incident was detected through irregularities in log data and immediately triggered an extensive forensic analysis.
On September 19, 2025, DCS detected anomalies in system logs indicating that a third-party service provider had accessed DCS customer records without valid authorization.
Customers’ Personal Data Exposed
This service provider, authorized for customer support operations, is contractually permitted to view limited customer data but is bound by strict data privacy protocols.
Initial forensic analysis revealed isolated cases where names and email addresses were accessed outside the intended support portal.
No complete payment data or financial transaction records were stored in these systems, as DCS employs tokenization and point-to-point encryption to segregate billing data from support databases.
Extensive IT-forensic analysis, spearheaded by external cybersecurity experts, is underway. Investigators have preserved volatile memory snapshots and conducted full disk imaging of affected endpoints to trace the intrusion vectors.
Preliminary root-cause analysis suggests insider misuse rather than an external exploit, though log-correlation across security information and event management (SIEM) systems is ongoing to rule out lateral movement or privileged escalation.
Evidence of unauthorized API calls and atypical SSH sessions to the customer-support database was recorded, prompting immediate revocation of all service-provider credentials.
Mitigation
DCS has implemented multiple mitigation measures, including forced rotation of access tokens, implementation of multi-factor authentication (MFA) for all third-party users, and enhanced database auditing via Structured Query Language (SQL) anomaly detection rules.
The company has also integrated a Security Orchestration, Automation, and Response (SOAR) platform to automate threat-hunt playbooks and streamline incident-response workflows.
All affected customers in the single-digit range received direct notifications in compliance with GDPR Article 33, and the relevant Data Protection Authority has been informed.
Customers can continue to charge their EVs without disruption. Billing processes remain fully operational, as the invoicing subsystem is isolated behind a dedicated payment gateway employing Transport Layer Security (TLS) 1.3 encryption.
DCS has recommended that users remain vigilant, update passwords where reused across services, and report any suspicious communications.
The breach underscores the importance of zero-trust architecture and continuous monitoring of third-party risk in the electromobility sector.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
Source link
