New cyberattack on automotive industry: Denso confirms data breach due to ransomware infection

Through a security report, representatives of Denso Corporation confirmed a massive cyberattack that impacted the firm’s German headquarters. Denso is a global supplier of automotive components, including those developed for autonomous vehicle functions, connectivity and mobility services, collaborating with companies such as Honda.

This morning, the company mentioned that on March 10 a third party managed to illegally access its business networks. The auto company isolated the compromised systems immediately after detecting the intrusion.

Denso has already launched its own investigation, though the company says no disruptions have been detected at other facilities, including its production plants and manufacturing programs. The company also reported the incident to the appropriate authorities and is collaborating with external specialists.

The company’s statement concludes with apologies to its customers: “Denso would like to express its sincerest apologies for any concerns or inconveniences resulting from this incident; we will strengthen our security measures and continue to work to prevent a recurrence.”

While the company did not share details about the causes of the attack, specialists report that the Pandora ransomware operation has already claimed responsibility for the incident. Through its dark web leak platform, threat actors claimed to have stolen 1.4 TB of sensitive company information.

Experts report that this tactic is used to increase pressure for victims to pay after a ransomware attack. Cybercriminals infiltrate exposed corporate networks, steal data, and then encrypt a system. When affected companies refuse to pay the ransom, hackers threaten to leak the sensitive information.

Threat actors shared a screenshot showing what appear to be Denso folders and datasets, including purchase orders, documents on technical components, and a sales file.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.