Volkswagen Says It’s “Monitoring the Situation” Following 8Base Ransomware Claims

Volkswagen Group has issued a statement to CyberInsider addressing claims by the ransomware group 8Base, which alleges it has stolen and leaked sensitive data from the automaker.

The German carmaker maintains that its core IT infrastructure remains unaffected, however, the company's vague response leaves questions about the full scope of the incident and raises concerns about a possible third-party compromise.

8Base claims breach on Volkswagen

The data that 8Base claims to have stolen includes sensitive internal documents, financial records, and personal information. If proven true, this could expose Volkswagen to substantial legal and regulatory challenges, especially in jurisdictions with strict data privacy laws like the European Union’s GDPR.

8Base, known for targeting large enterprises to extort ransom payments, claims to have uploaded extensive amounts of Volkswagen’s internal documents to their servers, listing the following types of data:

• Invoices and receipts
• Accounting documents
• Personal data and files
• Employment contracts and certificates
• Confidentiality agreements
• A large amount of confidential corporate information

Despite these claims, Volkswagen's response notably refrains from acknowledging the extent or specifics of any stolen data, focusing instead on the integrity of its own IT infrastructure.

Volkswagen says IT systems are safe

Volkswagen’s statement focused on the integrity of its internal systems, assuring that they had not been compromised by external actors.

“This incident is known. The IT infrastructure of the Volkswagen Group is not affected. We are continuing to monitor the situation closely,” said a company representative in response to our inquiries.

Volkswagen's response seems to leave room for the possibility that the breach may have occurred through a third-party vendor or supplier. In large multinational corporations like Volkswagen, suppliers and partners often hold sensitive data and are part of the extended digital ecosystem. As a result, they can be attractive targets for ransomware groups exploiting weaker security within the supply chain.

Unfortunately, the company did not respond to our follow-up request for clarifications, so we don’t know exactly what the situation they claim to be monitoring is.

As one of the world’s largest automobile manufacturers, Volkswagen Group operates in 153 countries and manages 114 production plants worldwide, making it part of a vast and complex supply chain. With such a large network, the potential for a third-party breach affecting the company is significant, even if its own IT systems were not compromised.