Hackers leaked data related to Hyundai Motor America’s logistics operations on Monday and claimed responsibility for an apparent ransomware attack targeting the automaker and subsidiary Kia Motors America.
Files posted by the DoppelPaymer ransomware gang contain information about Hyundai Glovis, the automaker’s global logistics firm, as well as documents related to a trucking partner, in addition to other data.
Hyundai Motor America acknowledged that it had experienced an “IT outage,” but would not confirm that it had been targeted in a ransomware attack.
“Last week, Hyundai Motor America experienced an IT outage affecting a limited number of customer-facing systems and the majority of those systems are now back online,” the company said in a statement. “We would like to thank our customers for their continued patience. At this time, we can confirm that we have no evidence of Hyundai Motor America or its data being subject to a ransomware attack.”
The data leak came in the aftermath of an IT disruption that hit Kia Motors America more than a week ago. Bleeping Computer reported that Kia had been targeted by a ransomware attack by DoppelPaymer and was seeking $20 million in payment.
Brett Callow, a threat analyst with the security software firm Emsisoft, said the attack on Hyundai America could have led to attempts by DoppelPaymer to target any business partnerships.
DoppelPaymer is among a cohort of ransomware gangs that engage in double extortion tactics. Attackers seek to disrupt operations, locking out companies from their data, as well as stealing it. Companies that refuse to pay ransoms can face public disclosure on leak sites.
Click for more FreightWaves articles by Nate Tabak
TFI to take aim at UPS Freight’s unprofitable business
TFI to acquire UPS Freight for $800M
XTL makes its first acquisition as Canada trucking M&A heats up