10:54 am, July 19, 2023
Sat nav firm TomTom which is used by car manufacturers including Renault, Mazda, Toyota, Volkswagen, Maserati and BMW has been targeted in a cyber attack by a ransom group.
The location tech giant says it has taken action to protect data after a breach by CL0p, which exploited a vulnerability in its MOVEit file transfer system in May and has now added it to its dark leak site.
The pro-Russian ransom group also claims to have taken 82GB of data from TomTom, according to Cybernews, which says CL0p is secretly active inside Ukraine.
MOVEit Transfer is a managed file transfer software system that thousands of firms use to send and receive files via secure channels.
Cybernews said CL0p had been able to exploit a zero-day vulnerability – defined by cybersecurity and anti-virus provider Kaspersky as a software vulnerability found by attackers before the vendor or developer is aware of it.
Since they don’t know about it, there’s no patch, which makes attacks likely to be successful.
The CL0p gang had threatened to publish victims’ names plus stolen data if the victims failed to get in touch by June 14 to discuss and pay a ransom demand.
Shell Global was the first victim named. There are now more than 150 firms on the leak site.
A $10m (£7.73m) bounty has been issued on CL0p by the FBI.
A statement by TomTom issued to Cybernews said: ‘We at TomTom were immediately aware of a data breach that occurred on our vendor’s platform, MOVEit, last month.
‘We have taken all necessary safety and security measures to protect any data, and we have informed the relevant authorities.’
Main image via TomTom newsroom
