Automotive giant Denso confirms hack, Pandora ransomware group takes credit
Denso has confirmed a cyberattack impacting the firm’s German operations.
The company is a global supplier of automotive components, including those developed for autonomous vehicle features, connectivity, and mobility services. Denso says that its technologies are used in “almost all vehicles around the globe.”
Clients include Toyota, Honda, General Motors, and Ford. Consolidated revenue in the 2020-2021 fiscal year was reported as $44.6 billion.
On March 14, Denso said that four days prior, a third party had “illegally accessed” the firm’s network. When the intrusion was detected, the automotive giant cut off the connection.
While the incident is under investigation, Denso says that there is “no impact” on other facilities and no disruption has been caused to production plants or manufacturing schedules.
Local authorities have been informed and the company has pulled in cyberforensic experts to assist.
“Denso would like to express its sincerest apologies for any concern or inconvenience resulting from this incident,” Denso said. “Denso Group will once again strengthen security measures and work to prevent a recurrence.”
It appears that the Pandora ransomware group has claimed responsibility. The group’s leak site, accessed by ZDNet via Kela’s Darkbeast engine, claims that 1.4TB of data has been stolen.
Leak sites are used to pile on the pressure for victims to pay up after a ransomware attack. Cybercriminals infiltrate a corporate network, steal data, and then encrypt a system — and if demanding payment for decryption does not work, they may then threaten to leak stolen information online.
In this case, the leak site appears to show samples of the stolen datasets, including a purchase order, a technical component document, and a sales file. (ZDNet has redacted information contained in the document.)
ZDNet has reached out to Denso with additional queries and we will update when we hear back.
Previous and related coverage
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0