HQ/EMEAFind out how we can help your business
Swedish truck manufacturer Scania is currently investigating a data breach after a hacker claimed to have stolen sensitive information from one of its web domains and began offering the data for sale on a cybercrime forum.
Scania, which produces heavy trucks, buses, and industrial and marine engines, employs around 59,000 people in more than 100 countries.
The hacker reportedly accessed the domain ‘insurance[.]scania[.]com’, which is connected to Scania Corporate Insurance services. According to Scania, this specific site is managed by an external IT partner. The company became aware of the breach after the hacker announced the sale of approximately 34,000 stolen files, prompting concerns over a potential Scania data breach.
As a precautionary measure, Scania has taken the affected website offline, and it remains inaccessible at the time of writing. While details of the stolen files are still unclear, early indications suggest that the impact of the breach is limited. A Scania spokesperson confirmed that the company is actively investigating the situation and has implemented necessary steps in response.
Scania told media outlets that the data breach occurred in late May when the hacker managed to access the targeted website.
This access was achieved using login credentials that had previously been stolen through malware known for stealing information from infected systems. These credentials reportedly provided the hacker with access to insurance claims managed through the compromised site.
Cybersecurity researchers have observed an increase in Scania-related data appearing on dark web marketplaces. In particular, hundreds of leaked credentials linked to the company have been identified, supporting claims that information from the company may be circulating online.
Before listing the stolen files for sale, the hacker allegedly attempted to extort Scania. However, it remains unclear what specific types of information were taken and how many individuals may have been affected.
The Scania data breach must be a reminder of the risks companies face when third-party systems are involved in the management of sensitive data. Even when external providers are used, the consequences of a compromise can reflect on the primary organisation.
As investigations continue, the company maintains that the Scania data breach appears to have a limited overall impact, but further details may emerge as the inquiry progresses. Cybersecurity experts continue to monitor dark web activity for any further signs of leaked Scania data or related developments.
