For Sale: Data Stolen From Volvo 

Hackers have been detected selling data on a criminal forum, claiming that it was stolen from Swedish vehicle manufacturer Volvo.

The car maker has acknowledged the breach, which appears to have been perpetrated by a new ransomware gang using a malware tool known as Endurance The hackers claim to have used the Endurance tool to obtain data associated with an attack on US government agencies.

Screenshots leaked to the Dark Web in December, presumably to verify the source of the stolen data, includes internal documents related to telematics on vehicles made for police, internal presentations, project management dashboards, and car part schematics. Some of these screenshots display various dates in 2022, including late December, which suggests that the breach could be recent.

The data listed for sale includes information on future vehicle models, development systems, and employee information at the price of $2,500 in the Monero crypto currency. The hackers allege that a ransom payment was not demanded because they assumed that Volvo would not pay. 

If a breach is confirmed, it remains to be seen if the data actually comes from Volvo or from a third party - one of the users whose name is displayed in a project management dashboard appears to be an employee at Volvo and reportedly matches their LinkedIn profile.

Volvo says it, “is conducting its own investigation and working with third-party specialist to investigate the property theft... The company does not see, with currently available information, that this has an impact on the safety or security of its customers' cars or their personal data.”

 Volvo:      NCSC:     AutoEvolution:    Oodaloop:      Security Week:       Techmonitor:   Bleeping Comuter:

You Might Also Read: 

Hacked Vehicle Owner Database For Sale:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« NHS Is The Most Phished Government Organisation
Building An Identity-First Security Strategy »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

RiskLens

RiskLens

RiskLens is a software company that specializes in the quantification of cybersecurity risk.

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (Manusec) is a global series of summits focusing on Cyber Security for Critical Manufacturing Sectors.

Silverskin Information Security

Silverskin Information Security

Silverskin is a cyber attack company that specializes in having knowledge of the attacker's mindset to identify vulnerabilities and build effective and persistent defences.

Voxility

Voxility

Voxility provides Infrastructure-as-a-Service in the biggest Internet hubs in the world.

Packetlabs

Packetlabs

Packetlabs specializes in penetration testing services and application security.

Managed IT Services

Managed IT Services

Managed IT Services is a managed IT Services Company offering a diverse range of Cyber Security services and IT solutions.

Approov

Approov

Approov provides a comprehensive runtime security solution for mobile apps and their APIs, unified across iOS and Android.

Dropzone AI

Dropzone AI

Dropzone AI are creating a generational leap in SecOps by using AI to automate cyber expertise and tooling.

Kahootz

Kahootz

Kahootz is a highly secure cloud collaboration platform helping teams to work together across organisations.

SecZone

SecZone

SecZone is a Chinese enterprise with a mission to "Make It Secure." We are dedicated to driving software security innovation globally.

Runecast Solutions

Runecast Solutions

Runecast Solutions is a global leader in AI-powered risk mitigation, security, continuous compliance and more efficient IT operations management.

Grypho5

Grypho5

Grypho5 offers managed packages to protect where threat actors strike most. We defend your infrastructure dynamically, leaving you to focus on other priorities.

CyberForce Global

CyberForce Global

CyberForce Global are at the forefront of start-up technology recruitment in areas including cybersecurity, IT infrastructure, software, fintech, blockchain and more.

Palindrome Technologies

Palindrome Technologies

Palindrome Technologies help clients defend against cyberattacks across all attack surfaces, including hardware, software, network-to-cloud, people, and emerging technologies.

Runtime Ventures

Runtime Ventures

Runtime Ventures focuses on seed and pre-seed stage cybersecurity investments. We love to work with ambitious founders building the future of the secure enterprise.

Triam Security

Triam Security

Triam Security are on a mission to make software supply chain security effortless, effective, and invisible - so developers can move fast without leaving security behind.