Swedish automaker Volvo has announced that there has been a security breach and theft of research and development (R&D) data from its file storage.
Volvo Cars has confirmed that one of its file repositories has been illegally accessed by a third party. Previous investigations have confirmed that a limited amount of R&D assets have been stolen. Based on the available information, Volvo Cars has determined that this could have an impact on the company’s operations.
Volvo has publicly acknowledged the incident in this statement, despite the fact that the company’s data has been leaking online since November 30, after downplaying the incident by describing it as a “potential cyber attack” and refusing to comment.
But Volvo said in a statement that the incident is not potential and may be worse than the initial impression.
The company did not provide details, but said it “may affect the company’s operations.”
The information released by the company relates to a posting on a dark web portal controlled by Snatch, a hacking group known for its data theft and extortion practices.
Snatch released information naming Volvo Cars as one of the victims on November 25, and updated that information on November 30 to add samples of the files stolen from Volvo’s network as evidence.
The samples on this site contain source code for various internal Volvo apps and firmware components, most of which are written in Python.
“Like other well-known companies, Volvo will deny the attack and the leak until the end,” said a representative of the Snatch group, adding that if Volvo does not admit to the leak, it will “compromise the data” and will not negotiate.
Volvo’s formal admission this time is usually taken to mean that Volvo has refused to negotiate with the hackers and is ready to deal with the aftermath of some of its own data being leaked online.
Like many automakers, Volvo is involved in the development of several electric vehicles, but it is still unclear if the stolen data is related to Volvo’s electric vehicle business.
Volvo Cars has admitted that one of its file repositories has been illegally accessed by a third party. Investigations to date have confirmed that a limited amount of R&D assets were stolen.
Comments