The Russian ransomware group Lockbit was behind the cyberattack on Vestas on November 19th, and has since tried to blackmail the wind turbine manufacturer with threats to publish the data they gained control of in the attack. This is reported by DR.
Vestas chose not to comply with the hackers' demands. Therefore, the hacker group took the threats seriously and leaked the data on the Dark Web.
Vestas has previously announced that the hackers had leaked sensitive personal data from Vestas employees.
Now the wind turbine manufacturer is specifying the types of information involved. The majority of the leak concerns non-sensitive information such as names, emails, phone numbers, job applications, CVs and salaries. Only to a lesser extent is it personal information such as passport and bank account information.
In a press release, Vestas urges its employees and partners to keep an extra close eye on whether their information is being misused.
Not just personal data
According to the media Version 2, which has seen the leaked files on the Dark Web, there is, however, data other than personal data that has become public after the leak, originating from a single compromised C drive on a computer.
The media reports that the data contains invoices and other documentation from thousands of Vestas transactions from the period 2018-2021.
At present, there are a total of 5,000 documents, files and images that have served as documentation of transactions and agreements with Vestas customers, as well as around 2,300 files of the same kind that have served as documentation of Vestas' dealers and suppliers, writes Version 2, which has not reviewed all files. However, there may be more data that is leaked, as Vestas states in a statement that there is data that is not yet public.
Text, graphics, images, sound, and other content on this website are protected under copyright law. DK Medier reserves all rights to the content, including the right to exploit the content for the purpose of text and data mining, cf. Section 11b of the Copyright Act and Article 4 of the DSM Directive.
Customers with IP agreements/major customer agreements may only share Danish Offshore Industry articles internally for the purpose of handling specific cases. Sharing in connection with specific cases refers to journaling, archiving, or similar uses.
Customers with a personal subscription/login may not share Danish Offshore Industry articles with individuals who do not themselves have a personal subscription to Danish Offshore Industry.
Any deviation from the above requires written consent from DK Medier.
