Play Ransomware group has claimed responsibility for the cyber attack on BMW France. The notorious group has threatened to publish the stolen data on the dark web if the ransom demand is not met by April 9, 2023.
According to a post by FalconFeedsio, the group has claimed to have access to clients’ documents, contracts, finance info, and more.
Like other ransomware groups, Play uses various tactics to access an organization’s systems, such as phishing emails, exploiting vulnerabilities, and compromising remote desktop protocols.
Once they gain access, they encrypt the victim’s files and demand a ransom payment for the decryption key.
While the security incident is yet to be confirmed by BMW France, the news of a potential cyber-attack has once again brought the issue of data breaches to the forefront. The Cyber Express has reached out to BMW but is yet to receive a response from the company.
The saga of BMW data breach continues
In 2022, BMW France fell victim to a major cybersecurity incident when its social media accounts, including Twitter and Instagram, were hacked by an unknown party. The German automobile company suffered substantial damage.
While no official statement acknowledging the security incident was released, it was apparent when memes and reels related to the automaker were posted on the social media accounts. Moreover, the company’s Twitter handle was changed to ‘DEE’.
The content also included a reel that stated, “I am taking over now”. These posts were quickly spotted by the public and BMW’s followers, and the automaker was forced to take swift action to regain control of their accounts.
However, this wasn’t the only security issue BMW faced in 2022.
In December, the KelvinSecurity Team, a notorious hacking group, claimed to have obtained a database of 384,319 BMW car owners in the UK.
The group allegedly offered this information for sale on the darknet, posing a significant threat to BMW customers’ privacy and safety.
BMW data breach, and why should you be worried?
This cyber attack on BMW France is a stark reminder of the importance of cybersecurity in today’s digital age. Companies must ensure the safety and security of their digital assets, including their social media accounts and customer data.
This incident highlights that even large multinational corporations are vulnerable to cyber attacks, and they must remain vigilant and invest in cybersecurity to protect their reputation and customers.