15 December 2021

Volvo admits some R&D data stolen in a recent security breach


Volvo admits some R&D data stolen in a recent security breach

Swedish automaker Volvo Cars has confirmed a limited amount of the company's research and development data was stolen then a third party illegally accessed one of its file storage repositories.

In a statement the company said it had launched an investigation into a cyber security breach and that "investigations so far confirm that a limited amount of the company's R D property has been stolen during the intrusion."

"Volvo Cars has...concluded, based on information available, that there may be an impact on the company’s operation," the automaker added, but did not specify what that might be.

Volvo said it has no evidence that the incident has affected "the safety or security of its customers' cars or their personal data."

The company’s disclosure comes after the hacking group Snatch, which specializes in data theft and extortion, published an entry on their site, listing Volvo Cars as one of its victims along with 35.9 MB of data allegedly stolen from Volvo's servers during the intrusion. The leaked files included the source code of various Volvo internal apps and firmware components, mostly written in Python.

A spokesperson for the Snatch group told The Record that the group would not insist on negotiations but would leak the data if the company "failed to intelligently and comprehensively protect from the leak."


Back to the list

Latest Posts

The story of the four bears: Brief analysis of APT groups linked to the Russian government

The story of the four bears: Brief analysis of APT groups linked to the Russian government

In “The Four Bears” series we will tell you about the APT groups known as Fancy Bear, Cozy Bear, Voodoo Bear, and Berserk Bear.
17 January 2022
Cybersecurity year in review: Most notable APT hacks of 2021

Cybersecurity year in review: Most notable APT hacks of 2021

In 2021 nation-state actors somewhat faded into the background, but they still pose a significant threat.
17 January 2022
Hackers put up for sale data of 2M ONUS customers after the company refused to pay $5 million ransom

Hackers put up for sale data of 2M ONUS customers after the company refused to pay $5 million ransom

The attackers exploited the Log4Shell vulnerability on ONUS’ Cyclos server to plant backdoor and exfiltrate data.
30 December 2021