Cybergang claims data theft at Volkswagen
The cyber gang StormouS/V4 claims to have stolen confidential data from VW. The Group is investigating and currently sees no evidence of an attack.
(Image: Volkswagen)
A criminal internet gang claims to have stolen various sensitive data from Volkswagen. According to the company, it has no evidence of unauthorized access, but intends to investigate the matter further.
(Image:Â Screenshot / dmk)
On the darknet site of the cyber gang "StourmouS/V4", the unknown persons claim to have stolen user account data (partly hidden e-mails) and authentication tokens (OAuth and JWT tokens), including identity and access information such as e-mail, profile or telephone numbers. Log-in links for internal systems (such as https://identity.vwgroup.io), session cookies (jsessionid and others) as well as authentication and access control details are also claimed to have been captured by the perpetrators.
A countdown on the Darknet website is counting down and will run for around four and a half days at the time of reporting. Thereafter, the perpetrators threaten to publish the data.
Sample data currently not accessible
The criminals have also linked to sample data, which is currently inaccessible. However, there are screenshots online that indicate plain text communication between clients and web servers, probably between API endpoints of the "CarNet API". This is reminiscent of the security vulnerability that an Indian IT security researcher found in the VW app in May. However, he was only able to retrieve extensive vehicle data, and the problem appeared to be limited to India.
Videos by heise
When we asked, VW was unable to confirm a data leak. "In the present case, according to the current state of knowledge of the internal investigations, there was no unauthorized access by external third parties to personal data of customers or sensitive company data. Consequently, there is no evidence of misuse of such data," said a VW spokesperson. "We are continuing to investigate the available information to rule out any damage to Volkswagen AG or our customers. If it should prove helpful for further comprehensive clarification, we will of course involve the responsible authorities in the investigation."
(dmk)
