Volkswagen Group states IT infrastructure not affected after 8Base ransomware group claims breach

Volkswagen Group, one of the largest automobile manufacturers globally, is facing claims from the 8Base ransomware group, which alleges that it has stolen and leaked sensitive internal data from the company.

Volkswagen has responded by stating that the company is aware of the incident and that its core IT infrastructure remains secure. A spokesperson emphasized: “The IT infrastructure of the Volkswagen Group is not affected. We are continuing to monitor the situation closely.”

The wording leaves space for concern, since it leaves the possibility open that third-party systems in its supply chain may have been compromised. Volkswagen’s supply chain spans 153 countries with 114 production plants and involves numerous third-party vendors and suppliers who may have access to sensitive company data.

According to 8Base, the stolen data includes:

• Internal documents,
• Financial records,
• Personal information,
• Employment contracts,
• Confidentiality agreements,
• Other confidential corporate information.

8Base has not yet made any of the stolen data public. The group is known for targeting large enterprises and extorting them for ransom, threatening to leak the stolen data if demands are not met. Volkswagen has not provided any confirmation regarding the nature or extent of the breach beyond its initial statement.