Volvo Cars suffers a data breach. Is it a ransomware attack?

December 10, 2021  By Pierluigi Paganini


Swedish automotive manufacturer Volvo Cars revealed that has suffered a cyberattack that resulted in the theft of R&D data.

Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems.

In 2010, Volvo Cars became a subsidiary of the Chinese manufacturer Geely Holding Group, which confirmed that it “has become aware that one of its file repositories has been illegally accessed by a third party.”

“Investigations so far confirm that a limited amount of the company’s R&D property has been stolen during the intrusion,” states Volvo. The company warned that “there may be an impact on the company’s operation” from the hack, sending its stock falling 3.5 percent in Stockholm, to 72.44 kronor ($8.00, 7.06 euros).

Volvo notified relevant authorities and retained third-party experts to investigate the incident.

“Volvo Cars has become aware that one of its file repositories has been illegally accessed by a third party. Investigations so far confirm that a limited amount of the company’s R&D property has been stolen during the intrusion. Volvo Cars has earlier today concluded, based on information available, that there may be an impact on the company’s operation.” reads the notice of cyber security breach published by Volvo. “After detecting the unauthorised access, the company immediately implemented security countermeasures including steps to prevent further access to its property and notified relevant authorities.”

The company pointed out that the cyber attack had no impact on the safety or security of its customers’ cars or their personal data.

A spokesman for Volvo Cars told AFP that the company had not been hit by ransomware and never lost control of its data, but Bleeping Computer first reported that the Snatch ransomware gang has already claimed the attack.

Snatch Volvo Cars ransomware _leak_page

Snatch ransomware operators already leaked 35.9 MB of documents allegedly stolen from Volvo’s servers.

The spokesman also revealed that the car manufacturer was contacted by a third party about the information theft, but did not provide details about the exchange.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, IKEA)

[adrotate banner=”5″]

[adrotate banner=”13″]



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

Australian ACSC warns of Conti ransomware attacks against local orgs

 The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks again multiple Australian organizations. The...