Volvo Data Stolen in Cyber Attack

Volvo have revealed that it has suffered from a cyberattack, resulting in the theft of research and development (R&D) data.

The Swedish car manufacturer has confirmed that one of its file repositories has been illegally accessed by a third party during a cyberattack. So far, investigations have revealed that a “limited amount” of the company’s R&D data has been stolen. Following the news of the data theft, Volvo’s stock fell 3.5% in Stockholm.

While Volvo have denied falling victim to a ransomware attack, the Snatch ransomware gang have claimed responsibility; an entry on their leak site on November 30th offers screenshots of stolen files as proof. Since the attack, Snatch has already leaked 35.9MB of files they claim to have stolen during the attack. A spokesperson for Volvo has said that the company was not the victim of a ransomware attack, and that they remained in full control of its data.

The Snatch ransomware first appeared in late 2018, and infects its victims by rebooting into Safe Mode, allowing the malicious software to run without the risk of detection by antivirus software. It is certainly possible that Volvo’s data is fully accessible and hasn’t been encrypted. In recent years, cybercriminals have pivoted to stealing sensitive data, in a tactic that has been dubbed extortionware. These attacks tend to be carried out against organisations that deal with sensitive or confidential data, often in the medical and financial sectors. R&D from a leading car manufacturer would certainly fall into this category.

Volvo have assured customers that the breach only involves R&D data, and that the cyber attack has not compromised any personal data.