Volkswagen Group has issued a statement addressing claims by the ransomware group 8Base<\/a>, which alleges it has stolen and leaked sensitive data from the automaker.<\/p>\n The German carmaker maintains that its core IT infrastructure remains unaffected; however, the company\u2019s vague response leaves questions about the full scope of the incident and raises concerns about a possible third-party compromise.\u200b<\/p>\n The ransomware operation 8Base, active since early 2023, surfaced in September 2024 with assertions of a major breach at Volkswagen, one of the world\u2019s largest automakers.<\/p>\n The group, known for its Phobos ransomware variant and double-extortion tactics, claimed to have exfiltrated a trove of confidential files on September 23, 2024, and threatened public release by September 26.<\/p>\n Despite the deadline passing without leaked samples, 8Base listed the stolen data on its dark web site, including invoices, receipts, accounting documents, personal employee files, employment contracts, certificates, personnel records, and numerous confidentiality agreements.<\/p>\n This alleged claim could encompass financial records and sensitive personal information from Volkswagen\u2019s global operations, spanning brands like Audi, Porsche, Bentley, Lamborghini, Skoda, SEAT, and Cupra.\u200b<\/p>\n Security experts note that 8Base operates more as a data extortion crew than a traditional encryptor, focusing on theft and threats to pressure victims into payment.<\/p>\n The group has targeted over 400 organizations since its emergence, often gaining initial access via phishing or buying credentials from initial access brokers. \u200b<\/p>\n Volkswagen\u2019s spokesperson confirmed awareness of the \u201cincident\u201d but emphasized no impact on the company\u2019s primary IT systems, hinting at a possible compromise through a supplier, partner, or subsidiary.<\/p>\n The automaker, headquartered in Wolfsburg, Germany, operates 153 production plants worldwide and employs hundreds of thousands, making any data exposure a high-stakes issue.<\/p>\n While no customer data breach has been reported, the inclusion of personal and financial details raises alarms under the EU\u2019s GDPR, potentially leading to fines up to 4% of global revenue if substantiated.\u200b<\/p>\n Cybersecurity firms urge enhanced third-party risk management<\/a> and monitoring, as such attacks often exploit weaker links in supply chains.<\/p>\n As investigations continue, the incident underscores the escalating threats to critical industries like automotive manufacturing.\u200b<\/p>\n Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n The post Volkswagen Allegedly Hit by Ransomware Attack as 8Base Claims Sensitive Data Theft<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\n![\"8Base](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjnWne_0pfx17nNjR_ufzFypx2qYkW0Nv0sveOmj-OJkhQNOMik1hezj2ypflsMXSWfHG_kP74d85TYdPzgJIdY0-JAKcFEDaRqpOL2PDenbM8fmJLkECQtH9m04KNGCQNZEiDk_BQsfdUGnG6jU8ASUd6Rw9pSUO9Lpy3A65I7Wt9YWpockkhneQRuX0TP\/s16000\/8base%2520claim.webp?ssl=1\")
Volkswagen\u2019s Response<\/strong><\/h2>\n