Volvo Cars has confirmed it is the victim of a successful cyberattack, but the automaker doesn’t believe user data was stolen.
In a statement, Volvo said “one of its file repositories has been illegally accessed by a third party” and that the intruders stole a “limited amount of the company’s R&D property”.
After the automaker detected the unauthorised access to its data, it made moves to prevent it from happening again, and has notified “relevant authorities”.
In addition to doing its own investigation, Volvo has also engaged an outside specialist to look into the matter.
At this stage, the automaker doesn’t believe the data breach will have an impact on customers’ cars or data security, but it does anticipate “there may be an impact on the company’s operation”.
It’s unknown at this stage what type of data was stolen from Volvo, and why it may affect the automaker’s operations.
This isn’t the first time cybercriminals have breached an automaker’s computer systems.
Back in 2017, the WannaCry ransomware attack impacted Renault, Nissan and Honda, with all three automakers shutting down production lines to deal with encrypted computer systems.
The UK’s National Health Service (NHS) was possibly the largest victim of WannaCry, with hospitals throughout England closing their doors to all but life-threatening emergencies as doctors and nurses were unable to access patient records and critical computer systems.
Security services in the US and UK eventually pinpointed North Korean hackers working out of China as the source of the WannaCry worm.
In 2020, ransomware saw some of Honda’s plants in the US closed for a short period. The attack also made it hard for the company to operate its customer service and financial services divisions.
We suspect, like companies in other sectors, automakers aren’t reporting the majority of successful online attacks. A report by the FBI in 2017 estimated only one-in-seven cybercrimes were being reported by corporations.