- An external IT partner of Scania lost its login credentials to an infostealer
- Attackers used the password to access Scania and steal files
- They demanded money from the company and then offered the archives for sale
The Swedish car manufacturer Scania has confirmed that it suffered a cyberattack in which sensitive customer data was lost.
Hackmanac security researchers found a new thread on a dark web forum in which a database allegedly stolen from “insurance.scania.com” was offered for sale to an exclusive buyer for an unknown sum of money.
“Hi guys. We hacked a new target and sold the full attachment of ‘insurance.scania.com’. The complete attached files are 34,000 and the first time hacked + will sell to 1 hand,” said the ad, published in English and Russian. “Few photos attached with remarks (so no one can copy and defraud people).”
Supply chain attack
After the thread was published, Scania confirmed the authenticity of the claims, saying that it was breached in late May 2025 as part of a supply chain attack through an external IT partner.
“We can confirm that there has been a security-related incident in the application ‘insurance.scania.com’; the application is provided by an external IT partner,” said a spokesperson for Scania.
“On May 28 and 29, a perpetrator used credentials for a legitimate external user to access a system used for insurance purposes; our current hypothesis is that the credentials used by the attacker were leaked by password stealer malware.”
“Using the compromised account, insurance claims have been downloaded.”
Although the company has not detailed the information found in the stolen files, it is safe to assume that it is sensitive, perhaps financial or medical. The number of affected individuals is also unknown for the moment.
After stealing the archives, the threat actor tried to extort Scania for money, reaching out several times and demanding a ransom. Since it ended up offering the database for sale on the dark web, we can assume that the company refused the generous offer.
Via BleepingComputer