For Sale: Data Stolen From Volvo 

Uploaded on 2023-01-18 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Hackers have been detected selling data on a criminal forum, claiming that it was stolen from Swedish vehicle manufacturer Volvo.

The car maker has acknowledged the breach, which appears to have been perpetrated by a new ransomware gang using a malware tool known as Endurance The hackers claim to have used the Endurance tool to obtain data associated with an attack on US government agencies.

Screenshots leaked to the Dark Web in December, presumably to verify the source of the stolen data, includes internal documents related to telematics on vehicles made for police, internal presentations, project management dashboards, and car part schematics. Some of these screenshots display various dates in 2022, including late December, which suggests that the breach could be recent.

The data listed for sale includes information on future vehicle models, development systems, and employee information at the price of $2,500 in the Monero crypto currency. The hackers allege that a ransom payment was not demanded because they assumed that Volvo would not pay. 

If a breach is confirmed, it remains to be seen if the data actually comes from Volvo or from a third party - one of the users whose name is displayed in a project management dashboard appears to be an employee at Volvo and reportedly matches their LinkedIn profile.

Volvo says it, “is conducting its own investigation and working with third-party specialist to investigate the property theft... The company does not see, with currently available information, that this has an impact on the safety or security of its customers' cars or their personal data.”

 Volvo:      NCSC:     AutoEvolution:    Oodaloop:      Security Week:       Techmonitor:   Bleeping Comuter:

You Might Also Read: 

Hacked Vehicle Owner Database For Sale:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« NHS Is The Most Phished Government Organisation
Building An Identity-First Security Strategy »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security is a leading manufacturer of network security appliances for use in industrial environments.

Minerva Labs

Minerva Labs

Minerva’s patent pending solution keeps malware in a constant sleep state before it can infiltrate your network and cause any damage.

Cyber Security Research Centre - University of Cardiff

Cyber Security Research Centre - University of Cardiff

Cardiff University's Centre for Cyber Security Research is a leading UK academic research unit for cyber security analytics.

Innotec Security

Innotec Security

Innotec Security is a Spanish company specializing in cybersecurity-as-a-service, cyber resilience and cyber risk management.

Nozomi Networks

Nozomi Networks

Nozomi Networks is a leader in Industrial Control System (ICS) cybersecurity, with a comprehensive platform to deliver real-time cybersecurity and operational visibility.

Anglo African

Anglo African

Anglo African is an information technology firm providing end-to-end solutions to different industries, from IT Infrastructure to DataCom as well as Cloud & InfoSec services.

Portuguese Institute for Accreditation (IPAC)

Portuguese Institute for Accreditation (IPAC)

IPAC is the national accreditation body for Portugal. The directory of members provides details of organisations offering certification services for ISO 27001.

US Secret Service

US Secret Service

The US Secret Service has a pivotal role in securing the nation’s critical infrastructures, specifically in the areas of cyber, banking and finance.

National Health Care Anti-Fraud Association (NHCAA) - USA

National Health Care Anti-Fraud Association (NHCAA) - USA

National Health Care Anti-Fraud Association is the leading national organization focused exclusively on the fight against health care fraud.

Evalian

Evalian

Evalian is a data protection services provider. Working with organisations of all sizes, we specialise in Data Protection, GDPR, ISO Certification & Information Security.

watchTowr

watchTowr

Continuous Attack Surface Testing, with the watchTowr Platform. The future of Attack Surface Management.

Mobb

Mobb

Mobb's AI-powered technology automates vulnerability remediations to significantly reduce security backlogs and free developers to focus on innovation.

Stratascale

Stratascale

Stratascale is a consultant, systems integrator, and technology advisor with expertise in Automation, Cloud Ascension, Cybersecurity, Data Intelligence, and Digital Experience solutions.

InfoSight

InfoSight

InfoSight offers proven Cyber Security, Regulatory Compliance, Risk Management and Infrastructure Solutions to protect your business and your customers from cyber crime and fraud.

Styx Intelligence

Styx Intelligence

Styx Intelligence’s platform provides visibility and supports remediation against threats targeting your digital assets.

Daylight Security

Daylight Security

Daylight Security is the leading provider of Managed Agentic Security Services, offering tailored MDR solutions that are delivered by Agentic AI and backed by elite human experts.