EV charger biz ELECQ zapped by ransomware crooks, customer contact data stolen
(2026/03/09)
- Reference: 1773072168
- News link: https://www.theregister.co.uk/2026/03/09/ransomware_crooks_hit_ev_charger/
- Source link:
Exclusive ELECQ, maker of smart electric vehicle (EV) chargers, is warning customers that their personal details may have been stolen in a ransomware attack that encrypted and copied user data from its cloud systems.
In a notice sent to customers on Monday and seen by The Register , the EV charging outfit said that it detected "unusual activity" on its AWS cloud platform on March 7 and quickly discovered that attackers had launched a ransomware attack against parts of its infrastructure.
According to the message, some databases were both encrypted and copied during the intrusion, meaning that the crooks likely walked off with user information before the company pulled the plug.
[1]
ELECQ, a Chinese outfit that builds smart EV charging gear for homes and businesses, says that the compromised data is limited to fairly standard account details: names, email addresses, phone numbers, and home addresses.
[2]
[3]
It insists no financial data, such as payment records or credit card information, was involved, and stressed that the attack did not affect the charging devices themselves, which it says remain "fully secure and operational."
That will be cold comfort to anyone who would prefer their home address not end up circulating on a ransomware gang's leak site.
[4]
The company says that it kicked off its incident response process as soon as the suspicious activity was spotted, taking affected servers offline and starting the job of restoring systems from backups. Since then, ELECQ says that it has tightened up parts of its infrastructure, including shutting down remote access services such as SSH and Telnet and beefing up encryption across its network.
ELECQ says that it has reported the incident to regulators, including the UK's Information Commissioner's Office and Germany's Federal Commissioner for Data Protection and Freedom of Information, indicating that the breach may involve customers in more than one European market.
[5]FBI is investigating breach that may have hit its wiretapping tools
[6]Brussels urged to pay 'sovereignty premium' to narrow China battery gap
[7]Ransomware payments cratered in 2025, but attacks surged to record highs
[8]Electric cars no more likely to flatten you than the noisy ones, study finds
[9]Struggling to sell EVs, Tesla pivots to slinging burgers
ELECQ says it has also brought in third-party cybersecurity specialists to carry out a forensic investigation and identify any remaining vulnerabilities.
As is customary after these sorts of incidents, customers are being advised to watch out for phishing messages, reset their account passwords, and keep an eye on their inboxes and other accounts for anything suspicious. Contact details and addresses may not sound especially dramatic, but in the wrong hands, they can make social engineering scams far more convincing.
Several important details remain unclear. ELECQ has not said how many individuals may have been affected by the breach, whether it has identified the attackers responsible, or whether a ransom demand was received.
[10]
The Register has asked the company to clarify those points and will update if it responds. ®
Get our [11]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aa78tOTHFvNLk1ml-VDtfQAAAQ0&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aa78tOTHFvNLk1ml-VDtfQAAAQ0&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aa78tOTHFvNLk1ml-VDtfQAAAQ0&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aa78tOTHFvNLk1ml-VDtfQAAAQ0&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[5] https://www.theregister.com/2026/03/08/fbi_investigates_wiretap_system_breach/
[6] https://www.theregister.com/2026/03/03/eu_battery_production_costs/
[7] https://www.theregister.com/2026/02/27/ransomware_chainalysis/
[8] https://www.theregister.com/2025/12/10/electric_cars_pedestrian_risks/
[9] https://www.theregister.com/2025/07/22/tesla_fast_food/
[10] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aa78tOTHFvNLk1ml-VDtfQAAAQ0&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[11] https://whitepapers.theregister.com/
In a notice sent to customers on Monday and seen by The Register , the EV charging outfit said that it detected "unusual activity" on its AWS cloud platform on March 7 and quickly discovered that attackers had launched a ransomware attack against parts of its infrastructure.
According to the message, some databases were both encrypted and copied during the intrusion, meaning that the crooks likely walked off with user information before the company pulled the plug.
[1]
ELECQ, a Chinese outfit that builds smart EV charging gear for homes and businesses, says that the compromised data is limited to fairly standard account details: names, email addresses, phone numbers, and home addresses.
[2]
[3]
It insists no financial data, such as payment records or credit card information, was involved, and stressed that the attack did not affect the charging devices themselves, which it says remain "fully secure and operational."
That will be cold comfort to anyone who would prefer their home address not end up circulating on a ransomware gang's leak site.
[4]
The company says that it kicked off its incident response process as soon as the suspicious activity was spotted, taking affected servers offline and starting the job of restoring systems from backups. Since then, ELECQ says that it has tightened up parts of its infrastructure, including shutting down remote access services such as SSH and Telnet and beefing up encryption across its network.
ELECQ says that it has reported the incident to regulators, including the UK's Information Commissioner's Office and Germany's Federal Commissioner for Data Protection and Freedom of Information, indicating that the breach may involve customers in more than one European market.
[5]FBI is investigating breach that may have hit its wiretapping tools
[6]Brussels urged to pay 'sovereignty premium' to narrow China battery gap
[7]Ransomware payments cratered in 2025, but attacks surged to record highs
[8]Electric cars no more likely to flatten you than the noisy ones, study finds
[9]Struggling to sell EVs, Tesla pivots to slinging burgers
ELECQ says it has also brought in third-party cybersecurity specialists to carry out a forensic investigation and identify any remaining vulnerabilities.
As is customary after these sorts of incidents, customers are being advised to watch out for phishing messages, reset their account passwords, and keep an eye on their inboxes and other accounts for anything suspicious. Contact details and addresses may not sound especially dramatic, but in the wrong hands, they can make social engineering scams far more convincing.
Several important details remain unclear. ELECQ has not said how many individuals may have been affected by the breach, whether it has identified the attackers responsible, or whether a ransom demand was received.
[10]
The Register has asked the company to clarify those points and will update if it responds. ®
Get our [11]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aa78tOTHFvNLk1ml-VDtfQAAAQ0&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aa78tOTHFvNLk1ml-VDtfQAAAQ0&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aa78tOTHFvNLk1ml-VDtfQAAAQ0&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aa78tOTHFvNLk1ml-VDtfQAAAQ0&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[5] https://www.theregister.com/2026/03/08/fbi_investigates_wiretap_system_breach/
[6] https://www.theregister.com/2026/03/03/eu_battery_production_costs/
[7] https://www.theregister.com/2026/02/27/ransomware_chainalysis/
[8] https://www.theregister.com/2025/12/10/electric_cars_pedestrian_risks/
[9] https://www.theregister.com/2025/07/22/tesla_fast_food/
[10] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aa78tOTHFvNLk1ml-VDtfQAAAQ0&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[11] https://whitepapers.theregister.com/
Re: #1 reason I haven't bought an EV
BartyFartsLast
Depends, if you can charge at home and/or tolerate a granny charger then you can probably get away without any extra accounts or apps.
Re: #1 reason I haven't bought an EV
Anonymous Coward
Doesn't depend. I can't be certain that I can always charge at home. If I don't want to run out of charge when I'm away from home, then I have to sign up for accounts and apps. That's just how the tech works. I can't just plug in and swipe my card like I can when filling up with petrol.
Re: #1 reason I haven't bought an EV
Caver_Dave
I know where you are coming from!
My wife uses our electric car all the time, and when she recently updated her mobile, she transferred across 8 different car charging apps - many of which have pre-loaded credit on them which you can't seem to be able to drain back into your own account.
Yes, we usually charge from solar at home, but some journeys are longer than a single charge.
She wonders why I won't use the car for anything other than short journeys!
I don't even have parking apps - I would rather walk from a carpark that takes cash that spaff my details to all and sundry (and of course parking companies are known to be iffy at the best of times).
Icon - no tin foil hat symbol!
telnet?!!!
may_i
If they had telnet open, they're a bunch of clowns.
#1 reason I haven't bought an EV
I love EVs. Great technology. Forward looking.
But I won't buy one. Driving an EV requires accounts and apps. Filling up with petrol doesn't.