For Sale: Data Stolen From Volvo 

Uploaded on 2023-01-18 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Hackers have been detected selling data on a criminal forum, claiming that it was stolen from Swedish vehicle manufacturer Volvo.

The car maker has acknowledged the breach, which appears to have been perpetrated by a new ransomware gang using a malware tool known as Endurance The hackers claim to have used the Endurance tool to obtain data associated with an attack on US government agencies.

Screenshots leaked to the Dark Web in December, presumably to verify the source of the stolen data, includes internal documents related to telematics on vehicles made for police, internal presentations, project management dashboards, and car part schematics. Some of these screenshots display various dates in 2022, including late December, which suggests that the breach could be recent.

The data listed for sale includes information on future vehicle models, development systems, and employee information at the price of $2,500 in the Monero crypto currency. The hackers allege that a ransom payment was not demanded because they assumed that Volvo would not pay. 

If a breach is confirmed, it remains to be seen if the data actually comes from Volvo or from a third party - one of the users whose name is displayed in a project management dashboard appears to be an employee at Volvo and reportedly matches their LinkedIn profile.

Volvo says it, “is conducting its own investigation and working with third-party specialist to investigate the property theft... The company does not see, with currently available information, that this has an impact on the safety or security of its customers' cars or their personal data.”

 Volvo:      NCSC:     AutoEvolution:    Oodaloop:      Security Week:       Techmonitor:   Bleeping Comuter:

You Might Also Read: 

Hacked Vehicle Owner Database For Sale:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« NHS Is The Most Phished Government Organisation
Building An Identity-First Security Strategy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Chatham House Cyber Conference

Chatham House Cyber Conference

14 June 2023 - Connect with cyber security experts and senior policymakers to explore the role of cyber security in the global economy and how to deliver an open and secure internet.

Combitech

Combitech

Combitech is the Nordic region’s leading cyber security consultancy firm, with about 260 certified security consultants helping companies and authorities prevent and manage cyber threats.

Bit4id

Bit4id

Bit4id provides software and systems for security and identification based on PKI technology.

SecuTech Solutions

SecuTech Solutions

SecuTech is a global leader in providing strong authentication and software licensing management solutions.

Snyk

Snyk

Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world.

Swiss CyberSecurity

Swiss CyberSecurity

Swiss CyberSecurity is a non-profit group based in Geneva, set up to provide information and as a forum for discussion of topics related to CyberSecurity.

RvA

RvA

RvA is the national accreditation body for the Netherlands. The directory of members provides details of organisations offering certification services for ISO 27001.

HOBI International

HOBI International

HOBI International is a leading mobile, IT and data center asset management provider with solutions for device management, reverse logistics, data erasure, refurbishment and recycling.

MISP Project

MISP Project

The MISP threat sharing platform is a free and open source software helping information sharing of threat intelligence including cyber security indicators.

CertiPath

CertiPath

CertiPath create products and services that ensure the highest levels of validation for digital identities that attempt to access customers’ networks.

Infosequre

Infosequre

Infosequre builds up your security awareness culture and turns your employees into the first line of defense against cyber risks.

Vantage Point Security

Vantage Point Security

Vantage Point are specialists in penetration testing and application security with a focus on the industries undergoing rapid digital transformation.

Mindaro Insurance

Mindaro Insurance

Mindaro is adding the crucial piece of the cyber security puzzle that protects your organization from the financial ramifications of cyber attacks.

DataSolutions

DataSolutions

DataSolutions is a leading value-added distributor of transformational IT solutions in the UK and Ireland.

Q5id

Q5id

At Q5id, we prove that your customers' digital identity and real-world identity are the same, our verification and authentication solution delivers a Proven and Secure digital identity for everyone.

RiskSmart

RiskSmart

RiskSmart empower risk, compliance, and legal teams with a tech-led and data-driven platform designed to save time, reduce costs and add real value to businesses.

Deloitte

Deloitte

Deloitte is a multinational professional services firm providing audit, consulting, financial advisory, risk management, tax, and related services to clients.