But as it turns out, this is exactly what happened, with ransomware group Snatch recently claiming the attack on its very own darknet website. The gang has also published screenshots with the stolen files, though no further specifics on the leak were shared.
The information was released online in late November, while Volvo publicly acknowledged the breach with a statement published on its website on December 10.
In its advisory, however, Volvo admits the hackers managed to steal some data, but on the other hand, the company says the customer information wasn’t exposed.
“Volvo Cars is conducting its own investigation and working with third-party specialist [sic] to investigate the property theft. The company does not see, with currently available information, that this has an impact on the safety or security of its customers' cars or their personal data,” its announcement reads.
The Snatch ransomware group isn’t new in the business. Its activity was first spotted in 2019, but on the other hand, many believed its malicious operations came to a halt in 2020. However, the group’s darknet site reveals several targets that have already been compromised, including Volvo and a series of other large companies worldwide.
At the time of writing, Snatch hasn’t released any further evidence that it managed to access more data than Volvo itself confirmed it was exposed. Additional information, however, should be published by the carmaker itself once its investigation conducted by third-party security experts comes to an end.