Hyundai’s European division hit by ransomware attack

A Russian-speaking cyber extortion group claims to have stolen 3 terabytes worth of data from Hyundai’s European division in early January, according to BleepingComputer.

In an email, Adriana Cerami, a spokesperson for Hyundai Motor Europe—headquartered in Offenbach, Germany—told IT Brew that the company was “working closely with external cybersecurity and legal experts” and currently investigating the case in which an “unauthorized third party…accessed a limited part of the network of Hyundai Motor Europe.”

She did not confirm whether Black Basta was behind the attack. “Relevant local authorities have also been notified,” Cerami wrote. “Trust and security are fundamental to our business, and our priority is the protection of our customers, employees, investors, and partners.”

Cerami said Hyundai plans to “update relevant stakeholders” as it continues to investigate.

On the move. Black Basta—the entity allegedly behind the attack—came to authorities’ attention in early 2022. “Known for its double extortion attack,” according to the Department of Health and Human Services (HHS), the group executes ransomware attacks in addition to extracting “sensitive data” and “operating a cybercrime marketplace to publicly release it, should a victim fail to pay a ransom.”

During its first year of operations, Black Basta “exclusively targeted US-based organizations, seeking to purchase network access credentials for companies specifically located there,” HHS also noted in a March 2023 report.

Sneak attack. 2023 was a busy year for cyber criminals: Ransomware attacks increased 84% year over year, according to NCC Group, an information assurance firm. Car companies like Toyota have been victims of years-long data breaches and ransomware attacks, and the industry as a whole has been scrutinized for privacy failures and targeted by sneaky car theft hacks that have gone viral on TikTok.