XC40 Plug-In Hybrid|Snatch-statement|Volvo-Snatch
XC40 Plug-In Hybrid|Snatch-statement|Volvo-Snatch

Volvo finally confirms "potential" theft of R&D data

Swedish automaker Volvo confirmed today a security breach and the theft of research and development (R&D) data from one of its file storage repositories.

The company's admission comes after it initially played down the incident describing it in emails to The Record as a "potential cyberattack" and refused to comment despite its data having been leaked online since November 30.

But in a statement today, Volvo said the incident was more than potential and might be worse than it initially appeared. While the company did not elaborate on the details, Volvo said "there may be an impact on the company's operation."

The company's disclosure today is related to an entry on the dark web portal managed by Snatch, a hacking group known to steal data and engage in extortion attempts.

On November 30, the Snatch group published an entry on their site, listing Volvo Cars as one of its victims, along with sample files they stole from Volvo's network, as proof of their claims.

Samples listed on the site included the source code of various Volvo internal apps and firmware components, mostly written in Python.


"As any well-known corporation with billions of dollars in revenues, Volvo will deny the attack and the leak till the end," a spokesperson for the Snatch group told The Record earlier this week after Volvo continued denying the breach to both local and international news outlets which had been reaching to its public relations department.

The hackers said they would not insist on negotiations but instead promised to leak the data if Volvo "failed to intelligently and comprehensively protect from the leak."

A formal Volvo acknowledgment today typically means that the company has refused to engage with the hackers and is ready to deal with the aftermath of having some of its data leaked online.

Just like most automakers today, Volvo is involved with the development of several electric-based vehicles. The leak of any such high-value R&D data would be a big blow to the company, although it is yet unclear if the stolen data is related to Volvo's electric car business.

Volvo Cars has become aware that one of its file repositories has been illegally accessed by a third party. Investigations so far confirm that a limited amount of the company's R&D property has been stolen during the intrusion.

Article updated on December 14. Removed statement that Volvo was first listed on the Snatch website on November 25.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
What is Threat Intelligence
No previous article
No new articles
Catalin Cimpanu

Catalin Cimpanu

is a cybersecurity reporter who previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.