InfoSecBulletin Cybersecurity for mankind
Volkswagen Group has responded to claims from the ransomware group 8Base, which says it has stolen and leaked sensitive data from the company.
The German carmaker maintains that its core IT infrastructure remains unaffected; however, the company’s vague response leaves questions about the full scope of the incident and raises concerns about a possible third-party compromise.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
The ransomware group 8Base, active since early 2023, emerged in September 2024 claiming a significant breach at Volkswagen, one of the world’s largest automakers.
A group known for its Phobos ransomware and double-extortion tactics claimed to steal confidential files on September 23, 2024, and threatened to make them public by September 26.
8Base posted stolen data on its dark web site, including invoices, receipts, employee files, contracts, and confidentiality agreements, despite the deadline passing without any leaked samples.
This supposed collection may include financial documents and private details from Volkswagen’s global operations, spanning brands like Audi, Porsche, Bentley, Lamborghini, Skoda, SEAT, and Cupra.
Security experts note that 8Base operates more as a data extortion crew than a traditional encryptor, focusing on theft and threats to pressure victims into payment.
The group has attacked over 400 organizations since it started, usually gaining access through phishing or purchasing credentials from brokers.
Volkswagen’s Response:
Volkswagen’s spokesperson confirmed awareness of the “incident” but emphasized no impact on the company’s primary IT systems, hinting at a possible compromise through a supplier, partner, or subsidiary.
The automaker, headquartered in Wolfsburg, Germany, operates 153 production plants worldwide and employs hundreds of thousands, making any data exposure a high-stakes issue.
While no customer data breach has been reported, the inclusion of personal and financial details raises alarms under the EU’s GDPR, potentially leading to fines up to 4% of global revenue if substantiated.
Cybersecurity firms urge enhanced third-party risk management and monitoring, as such attacks often exploit weaker links in supply chains.
As investigations continue, the incident underscores the escalating threats to critical industries like automotive manufacturing.
