Thought Leadership
According to the Everest ransomware group, the BMW Group has been successfully attacked. The cyber criminals claim to have captured sensitive company data.
The car manufacturer was listed on the hacker group’s dark web blog, as Cybernews reports. The Bavarian group operates more than 30 production sites in 15 countries worldwide and employs almost 160,000 people. The industry currently appears to be increasingly targeted by cyber criminals. Jaguar Land Rover is also currently struggling with the consequences of a hacker attack.
Stolen audit documents as leverage
The Everest group claims to have stolen an unknown amount of “critical BMW audit documents” from the car manufacturer’s servers. The attackers placed two countdown timers on their onion site: the first ran until September 14. A second timer gives BMW representatives 48 hours to contact the blackmailers.
Experts warn against jumping to conclusions
The ransomware group has not yet revealed whether the allegedly stolen data also contains private customer information. Aras Nazarovas, Senior Information Security Researcher at Cybernews, advises caution: “We will have to wait until Everest releases a sample of the allegedly stolen data to better assess the scope of the attack.”
Nazarovas points out that the group refers to audit-related data in its publication. According to him, this ‘could mean many sensitive documents, but could also be a mistranslation, which is common with Everest communications.
it-daily.net has contacted BMW and is awaiting a response. The article will be updated accordingly when a response is received.
