Hyundai Motor Europe Grapples with Cyber Threat as Black Basta Ransomware Strikes

A California union and Hyundai Motor Europe both announced separately this week that they had suffered cyberattacks in the past month, resulting in the loss of their data.
According to Black Basta, a group that first emerged in 2022 as a double-extortionist group, Hyundai Motor Europe's data has been stolen more than 3TBs. The carmaker has not confirmed that it has been infected by ransomware, nor does Black Basta agree with its claims.
An attack on the Hyundai Motor Europe division of the South Korean company earlier this year has been confirmed by the division's CEO. Hyundai Motor Europe was initially reported to have suffered a cyber-attack in the middle of January Hyundai immediately shot the report down, saying it was simply a matter of IT issues.
In the past week, the media outlet has been informed that Black Basta is connected with the incident and the alleged theft of 3TB of data.
Cybernews is unaware of any mention of Hyundai or the stolen data on Black Basta's dark leak website at the moment of publishing, but it is very common for extortion groups to wait until ransom negotiations have firmly broken down to post about their victims.
A further statement from Hyundai has not yet been released about which systems were compromised in the attack, how much sensitive data may have been accessed, and what was the extent of the damage.
According to the Black Basta ransomware gang, Hyundai Motor Europe has been hacked and three terabytes of their data were stolen by the gang.
There is evidence of a data breach from the threat actors, which was revealed.
The gang seems to have stolen data from several departments, including legal, sales, and human resources, among others.
In addition to having access to email addresses, physical addresses, phone numbers, and vehicle chassis numbers of affected individuals, threat actors were also able to obtain the information that they needed.
An unauthorized third party has accessed the customer database of Hyundai Italy, as stated in the data breach letter sent to impacted individuals.
To determine the scope of the incident, Hyundai Italy has notified the privacy watchdog and hired cybersecurity experts.
In the evidence provided to Bleeping Computer, the crooks revealed that there was a data breach that occurred in multiple departments of the business, such as legal, sales, and human resources.
It was announced in April that Hyundai had suffered yet another data breach which affected Italian and French car owners as well as customers who had booked a test drive with them.
Among the impacted individuals were people with emails, physical addresses, telephone numbers, and vehicle chassis numbers, which could be used to identify threat actors.
An unauthorized third party had access to the database of customers according to a letter sent to the impacted individuals advising them of a data breach.
This incident has been reported to the privacy watchdog in Italy and Hyundai has hired a cybersecurity expert from an external company to determine the extent of the issues.
A letter sent by the bank indicated that no financial information had been disclosed.
The German media reported in December 2019 that suspected members of the Vietnam-linked APT Ocean Lotus group had breached the networks of the automakers BMW and Hyundai as part of the hacking campaign.
An intrusion was carried out to steal automotive trade secrets from the company.


This Cyber News was published on www.cysecurity.news. Publication date: Sun, 11 Feb 2024 13:13:04 +0000


Cyber News related to Hyundai Motor Europe Grapples with Cyber Threat as Black Basta Ransomware Strikes

Hyundai Motor Europe Grapples with Cyber Threat as Black Basta Ransomware Strikes - A California union and Hyundai Motor Europe both announced separately this week that they had suffered cyberattacks in the past month, resulting in the loss of their data. According to Black Basta, a group that first emerged in 2022 as a ...
10 months ago Cysecurity.news
Hyundai Motor Europe hit by Black Basta ransomware attack - Car maker Hyundai Motor Europe suffered a Black Basta ransomware attack, with the threat actors claiming to have stolen three terabytes of corporate data. BleepingComputer first learned of the attack in early January, but when we contacted Hyundai, ...
10 months ago Bleepingcomputer.com
More than $100 million in ransom paid to Black Basta gang over nearly 2 years - The Black Basta cybercrime gang has raked in at least $107 million in ransom payments since early 2022, according to research from blockchain security company Elliptic and Corvus Insurance. The group has infected more than 329 victim organizations ...
1 year ago Therecord.media
Black Basta ransomware made over $100 million from extortion - Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic. Over 329 victims ...
1 year ago Bleepingcomputer.com
Black Basta's ransom haul tops $100M in less than 2 years - The Black Basta ransomware gang has raked in more than $100 million from victims of its double-extortion attacks since its emergence early last year, according to researchers. The haul - which included grabbing $9 million from one victim and more ...
1 year ago Packetstormsecurity.com
Black Basta Buster Utilizes Ransomware Flaw to Recover Files - Security research and consulting firm SRLabs exploited a vulnerability in the encryption algorithm of a specific strain of Black Basta ransomware to develop and release a decryptor tool named Black Basta Buster. This tool, released in response to the ...
11 months ago Heimdalsecurity.com
New Ransomware Threat Hits Hundreds of Organisations Worldwide - Until November 2023, this group with suspected ties to Russia has accumulated ransom payments totaling a minimum of $100 million from over 90 victims. In a recent joint report by the Cybersecurity and Infrastructure Security Agency and the Federal ...
7 months ago Cysecurity.news
New Black Basta decryptor exploits ransomware flaw to recover files - Researchers have created a decryptor that exploits a flaw in Black Basta ransomware, allowing victims to recover their files for free. The decryptor allows Black Basta victims from November 2022 to this month to potentially recover their files for ...
11 months ago Bleepingcomputer.com
'Black Basta Buster' Exploits Ransomware Bug for File Recovery - Researchers have exploited a weakness in a particular strain of the Black Basta ransomware to release a decryptor for the malware, but it doesn't recover all of the files encrypted by the prolific cybercriminal gang. Security research and consulting ...
11 months ago Darkreading.com
Learn How to Decrypt Black Basta Ransomware Attack Without Paying Ransom - Researchers have created a tool designed to exploit a vulnerability in the Black Basta ransomware, allowing victims to recover their files without succumbing to ransom demands. This decryption tool potentially provides a remedy for individuals who ...
11 months ago Cysecurity.news
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
7 months ago Bleepingcomputer.com
Windows Quick Assist abused in Black Basta ransomware attacks - Financially motivated cybercriminals abuse the Windows Quick Assist feature in social engineering attacks to deploy Black Basta ransomware payloads on victims' networks. Microsoft has been investigating this campaign since at least mid-April 2024, ...
7 months ago Bleepingcomputer.com
Black Basta Ransomware Group Makes $100m Since 2022 - A prolific Russian-speaking ransomware group has made over $100m from dozens of victims since April 2022, new analysis has revealed. Corvus Insurance used the Elliptic Investigator blockchain forensics tool to lift the lid on the Black Basta group. ...
1 year ago Infosecurity-magazine.com
Toronto Public Library outages caused by Black Basta ransomware attack - The Toronto Public Library is experiencing ongoing technical outages due to a Black Basta ransomware attack. The Toronto Public Library is Canada's largest public library system, giving access to 12 million books through 100 branch libraries across ...
1 year ago Bleepingcomputer.com
Black Hat Europe 2023 Closes on Record-Breaking Event in London - PRESS RELEASE. LONDON, Dec. 20, 2023 - Black Hat, the cybersecurity industry's most established and in-depth security event series, today announced the successful completion of the in-person component of Black Hat Europe 2023. The event welcomed more ...
1 year ago Darkreading.com
Ransomware Groups Claim Hits on Hyundai Motor Europe and a California Union - Hyundai Motor Europe and a California union separately this week revealed they had suffered cyberattacks last month and lost data to the respective threat actors. Black Basta, a group that first appeared in 2022 as a double-extortion operator, ...
10 months ago Darkreading.com
CISA: Black Basta ransomware breached over 500 orgs worldwide - CISA and the FBI said today that Black Basta ransomware affiliates breached over 500 organizations between April 2022 and May 2024. In a joint report published in collaboration with the Department of Health and Human Services and the Multi-State ...
7 months ago Bleepingcomputer.com
Microsoft Quick Assist Tool Abused for Ransomware Delivery - Cybercriminals who have been using the Black Basta ransomware have been observed abusing the remote management tool Quick Assist in vishing attacks, Microsoft reports. Active since 2022 and believed to have hit over 500 organizations globally, Black ...
7 months ago Packetstormsecurity.com
Yamaha Motor confirms ransomware attack on Philippines subsidiary - Yamaha Motor's Philippines motorcycle manufacturing subsidiary was hit by a ransomware attack last month, resulting in the theft and leak of some employees' personal information. "One of the servers managed by [.] motorcycle manufacturing and sales ...
1 year ago Bleepingcomputer.com
SRLabs develops Black Basta ransomware decryptor - Researchers released a decryptor to help the numerous victims of one of 2023's most prolific double-extortion ransomware gangs, Black Basta, restore their compromised files for free. Black Basta is believed to have attacked well over 300 ...
11 months ago Packetstormsecurity.com
Toronto Public Library confirms data stolen in ransomware attack - The Toronto Public Library confirmed that the personal information of employees, customers, volunteers, and donors was stolen from a compromised file server during an October ransomware attack. According to TPL, the attackers stole "a large number of ...
1 year ago Bleepingcomputer.com
The Week in Ransomware - With it being the first week of the New Year and some still away on vacation, it has been slow with ransomware news, attacks, and new information. Last weekend, BleepingComputer tested a new decryptor for the Black Basta ransomware to show how it ...
11 months ago Bleepingcomputer.com
Flaw in Black Basta Ransomware Exploited to Create Decryptor - Researchers at cybersecurity firm Security Research Labs exploited a flaw found in the algorithm of a ransomware variant used by the high-profile threat group Black Basta to develop a decryptor that can help some victims recover their encrypted ...
11 months ago Securityboulevard.com
Black Kite Unveils Monthly Ransomware Dashboards - PRESS RELEASE. Boston, MA - January 24, 2023 - Black Kite, the leader in third-party cyber risk intelligence, today unveiled the industry's first monthly ransomware dashboard, featuring crucial insights for security teams, media, analysts, and other ...
10 months ago Darkreading.com
Fighting ransomware: A guide to getting the right cybersecurity insurance - While the cybersecurity risk insurance market has been around for more than 20 years, the rapidly changing nature of attacks and the rise in the ransomware epidemic has markedly changed the nature of cyber insurance in recent years. It's more ...
11 months ago Scmagazine.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)