Skip to Content

Is My Personal Data at Risk After the Alarming moveXM Cyberattack on VW/Audi Dealers?

By: Author Alex Lim

Posted on

Categories Cybersecurity

Home » Cybersecurity » Is My Personal Data at Risk After the Alarming moveXM Cyberattack on VW/Audi Dealers?

What Crucial Steps Should I Take to Protect My Information After the moveXM Data Incident?

A company named moveXM, which provides important services for all Volkswagen and Audi dealerships, experienced a serious cyberattack on Sunday, October 26, 2025. Because this company handles marketing and customer data, this event raises concerns about the safety of personal information.

What is moveXM?

MoveXM specializes in “customer experience,” helping large companies manage their customer relationships. It operates the Customer Experience Management (CEM) portal used by all German VW and Audi dealers and service partners. This role gives the company access to a significant amount of customer data.

Details of the Cyberattack

The cyberattack forced moveXM to take its entire CEM platform offline as a safety precaution. Here is what happened:

  • The attack occurred on Sunday, October 26, 2025.
  • It appears to be a ransomware attack, where criminals lock up computer files and demand payment.
  • As a response, moveXM shut down the CEM platform and all related customer portals to contain the threat.
  • The company immediately activated its crisis team and is working with external cybersecurity experts to investigate.

Was Customer Data Compromised?

This is the most critical question. According to moveXM, their investigation has not yet found any evidence that personal data was stolen. The company reported that the attack primarily involved the encryption of its files.

However, in many such attacks, hackers steal a copy of the data before they lock the files. Therefore, the risk that customer information was taken cannot be ruled out at this stage. MoveXM has fulfilled its legal duty by reporting the incident to the appropriate supervisory authorities.

Steps for Recovery

The company is not taking any chances with its recovery process. The CEM platform and all customer portals will stay offline until the system is completely secure.

  • MoveXM is completely rebuilding its software, configurations, and databases from the ground up to eliminate any trace of malware.
  • The goal is to restore a fully clean and secure system.
  • The platform, including surveys and file servers, is expected to be unavailable for at least a week while this detailed security work is completed.