For Sale: Data Stolen From Volvo 

Uploaded on 2023-01-18 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Hackers have been detected selling data on a criminal forum, claiming that it was stolen from Swedish vehicle manufacturer Volvo.

The car maker has acknowledged the breach, which appears to have been perpetrated by a new ransomware gang using a malware tool known as Endurance The hackers claim to have used the Endurance tool to obtain data associated with an attack on US government agencies.

Screenshots leaked to the Dark Web in December, presumably to verify the source of the stolen data, includes internal documents related to telematics on vehicles made for police, internal presentations, project management dashboards, and car part schematics. Some of these screenshots display various dates in 2022, including late December, which suggests that the breach could be recent.

The data listed for sale includes information on future vehicle models, development systems, and employee information at the price of $2,500 in the Monero crypto currency. The hackers allege that a ransom payment was not demanded because they assumed that Volvo would not pay. 

If a breach is confirmed, it remains to be seen if the data actually comes from Volvo or from a third party - one of the users whose name is displayed in a project management dashboard appears to be an employee at Volvo and reportedly matches their LinkedIn profile.

Volvo says it, “is conducting its own investigation and working with third-party specialist to investigate the property theft... The company does not see, with currently available information, that this has an impact on the safety or security of its customers' cars or their personal data.”

 Volvo:      NCSC:     AutoEvolution:    Oodaloop:      Security Week:       Techmonitor:   Bleeping Comuter:

You Might Also Read: 

Hacked Vehicle Owner Database For Sale:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« NHS Is The Most Phished Government Organisation
Building An Identity-First Security Strategy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

RiskSense

RiskSense

RiskSense empowers enterprises and governments to reveal cyber risk, quickly orchestrate remediation, and monitor the results.

Datacom Systems

Datacom Systems

Datacom Systems is a leading manufacturer of network visibility solutions.

Sikur

Sikur

Sikur have developed a communication platform that sets new boundaries for corporate privacy and security.

Codeproof Technologies

Codeproof Technologies

The Codeproof enterprise mobility solution empowers your business to secure, deploy and manage mobile applications and data on smartphones, tablets, IoT devices and more.

Netlawgic Legal Services

Netlawgic Legal Services

Netlawgic is exclusively focused on delivering cyber law solutions to the industry. We provide our clients with specialized attention and problem solving in all aspects of cyber law.

Gytpol

Gytpol

Gytpol is a leader in Endpoint Configuration Security (ECS) solutions, providing validation, remediation & securing of IT Policies and IT Infrastructure on-premise and in the cloud.

CYBER.ORG

CYBER.ORG

CYBER.ORG's goal is to empower educators as they prepare the next generation to succeed in the cyber workforce of tomorrow.

Two Six Technologies

Two Six Technologies

Two Six Technologies delivers R&D, innovation, productization and implementation expertise in cyber, data science, mobile, microelectronics and information operations.

ConnectSecure

ConnectSecure

ConnectSecure (formerly CyberCNS) is a global cybersecurity company that delivers tools to identify and address vulnerabilities and manage compliance requirements.

vCISO Services

vCISO Services

vCISO Services is a small, specialized, veteran-owned firm focused on the needs of SMBs only.

Secure Diversity

Secure Diversity

Secure Diversity is an innovative non-profit organization with leaders that think out of the box to create strategies & solutions to increase diversity in the cybersecurity industry.

Lumifi

Lumifi

Lumifi provide end-to-end cybersecurity resilience solutions with a specialty in managed detection and response (MDR) services.

RubinBrown

RubinBrown

RubinBrown LLP is a leading accounting and professional consulting firm. The RubinBrown name and reputation are synonymous with experience, integrity and value.

Primary Guard

Primary Guard

Primary Guard provides IT solutions and computing technologies that help minimize impact from cyber threats, improve business efficiency and maintain essential functions during or after a disaster.

Myntex

Myntex

Myntex® builds the future of mobile security. We empower our partners to deliver exclusive mobile endpoint security software, fortifying against mobile threats, device exploits and data exfiltration.

CaseMatrix

CaseMatrix

Discover a new era of legal intelligence with CaseMatrix. We identify potential class action cases arising from cyber incidents and data breaches.