The 8Base ransomware crew claims to have stolen a huge data dump of Volkswagen files and is threatening to publish them, but the German car giant appears to be unconcerned.
The extortionists, who first came to light in 2022, posted a warning on their dark web page claiming to have detailed files stolen from Volkswagen, amongst others. The group says it has stolen "a huge amount of confidential information," including:
- Invoices, receipts and accounting documents
- Personal data and files
- Employment contracts and certification
- Confidentiality agreements
The date for the data release was set for September 26 but so far no data has been made public. It may be that this is a false alarm.
"The incident is known. The IT infrastructure of the Volkswagen group is not affected. We continue to monitor the situation closely," a spokesperson told French news site LeMagIT, adding that the business "has been aware of this for some time. It is not something new or surprising."
- Volkswagen stuck in neutral after 'IT disruption'
- Welcome to 2024: Volkswagen really is putting ChatGPT into cars as a gabby copilot
- Would banning ransomware insurance stop the scourge?
- Microsoft says more ransomware stopped before reaching encryption
It's not the first time Volkswagen has had data theft issues. In 2021, three million customers' account details got stolen in a heist carried out against a third-party supplier and reportedly was the victim of a years-long campaign by Chinese attackers trying to scoop corporate secrets.
8Base is a curious case in the ransomware scene. The group uses a branch of the notorious Phobos ransomware that made millions from a string of government and critical infrastructure companies. But it has been very quiet of late, suggesting its operators have been either avoiding the public eye or working on some other projects.
Volkswagen had no comment at the time of publication as to whether it has received a ransom demand or what kind of data has been taken. ®