Cyber-thieves hacked into the computer network of Swedish car manufacturer Volvo and exfiltrated research and development secrets.
The carmaker posted a notice on its website yesterday stating that it had suffered a cybersecurity breach in which a limited amount of data was stolen.
Though the quantity of data swiped in the incident was small, Volvo warned that its loss may have an impact on the company’s operations.
Volvo did not disclose the date on which the attack took place, how long it lasted, or when it was detected. The company shared only sparse information regarding the nature of the attack, describing it as involving a breach of one of its file repositories by a third party.
In a statement released Friday, the carmaker said: “Volvo Cars has become aware that one of its file repositories has been illegally accessed by a third party.
“Investigations so far confirm that a limited amount of the company’s R&D property has been stolen during the intrusion. Volvo Cars has earlier today concluded, based on information available, that there may be an impact on the company’s operation.”
External cybersecurity experts have been hired to investigate the attack, and the relevant authorities in Sweden have been notified of the incident.
While the investigation into the incident is ongoing, Volvo said that no evidence had been uncovered yet to suggest that any personal data belonging to its customers had been stolen or accessed.
“Volvo Cars is conducting its own investigation and working with third-party specialists to investigate the property theft,” said the carmaker.
“The company does not see, with currently available information, that this has an impact on the safety or security of its customers’ cars or their personal data.”
Volvo was founded in 1927 and is headquartered in Gothenburg, Sweden. The carmaker has multiple production plants scattered around the world, including at sites in the United States and the People’s Republic of China.
Volvo’s three research and development (R&D) and design centers are located in Gothenburg, in Camarillo, California, and in Shanghai, China. The company has not yet shared which of its sites was impacted by the cyber-attack.
Sarah Coble | INFOSECURITY MAGAZINE