LOGO

Volvo Data Breach: R&D Information Stolen

December 10, 2021
Topics:cybersecuritySecuritySecurity BreachTransportationVolvo Cars
Volvo Data Breach: R&D Information Stolen

Volvo Cars Investigates Data Breach

Volvo Cars is currently addressing a cybersecurity incident involving the unauthorized access and theft of a restricted volume of its research and development data.

The Swedish automobile manufacturer reported the data breach on Friday. Investigations have determined that an external entity gained illegal access to one of the company’s file storage systems.

Details of the Intrusion

According to a company statement released Friday, a “limited amount” of Volvo Cars’ R&D property was compromised during the intrusion. The precise scope of the stolen data remains undisclosed.

While the quantity of data taken is limited, Volvo Cars acknowledges a potential operational impact. Further specifics regarding the breach’s magnitude or the nature of the stolen information have not been released.

A company representative declined to offer additional details at this time.

Response and Mitigation

Volvo Cars is collaborating with an independent cybersecurity firm to conduct a thorough investigation into the data theft. Security measures have been promptly implemented to prevent further unauthorized access.

Relevant authorities have been notified following the detection of the intrusion.

Customer Data Not Affected

The investigation suggests the breach specifically targeted the company’s R&D data, and not customer information. Volvo Cars has stated that, based on current information, there is no indication of any impact on the safety or security of its vehicles or the personal data of its customers.

Ransomware Group Claimed Responsibility

Initial reports from the media outlet Inside-it indicate a screenshot surfaced on the dark web. This screenshot suggests Volvo’s data was published on the website of a ransomware group known as Snatch.

Industry-Wide Vulnerability

A 2021 report by CybelAngel, a digital risk protection company, highlighted the automotive industry’s significant vulnerability to ransomware attacks.

The report cited the widespread availability of hundreds of thousands of exposed credentials online as a key contributing factor.

Widespread Data Leaks in Automotive Sector

CybelAngel’s six-month investigation of automotive companies revealed substantial leaks of sensitive information. This included:

  • Trade secrets
  • Personally identifiable information
  • Engine blueprints and production facility layouts
  • Confidential agreements
  • Human resources documents

The investigation concluded that these leaks stemmed from both internal employee threats and external security vulnerabilities throughout the automotive supply chain.