Cybertech Europe 2026-IT Industry Official Media Partner
Subscribe

Stay up to date with the most important news

By pressing the Subscribe button, you confirm that you have read and agree to our privacy policy and terms of use
Contact us

Volkswagen allegedly hit by ransomware attack after 8Base claims sensitive data was stolen

Volkswagen Group headquarters – related to 8Base ransomware attack and data breach. Volkswagen Group headquarters – related to 8Base ransomware attack and data breach.
The 8Base group claims to have stolen sensitive data from the Volkswagen Group.

Volkswagen Group has issued a statement in response to allegations from ransomware group 8Base, who claim to have stolen and leaked sensitive information from the automaker.

The German group emphasizes that it the central IT infrastructure remains unaffected, but the company's vague comment leaves several questions unanswered – including whether the incident could be linked to a breach at a supplier or partner.

8Base – from encryption to data extortion

8Base is a cybercriminal group that became active in early 2023 and quickly gained a reputation for its double blackmail tactics – where stolen data is used as a threat rather than just encrypting files.
The group uses variations of Phobos ransomware and is particularly known for focusing on data theft and disclosure, rather than classic file encryption.

  • VORTIQ-X AI Governance helps companies transform AI into controllable and verifiable business value.
    VORTIQ-X is an AI Governance platform that helps organizations govern, verify, and create measurable business value from AI. The platform focuses on transparency, compliance, AI governance, and the effective use of AI in mission-critical processes.
    ADVERTISEMENT

  • The IT industry Nordic technology media platform covering cybersecurity, cloud, AI, digital transformation, channel, MSP and enterprise IT news
    The IT industry is a leading Nordic technology media platform covering cybersecurity news, artificial intelligence, cloud computing, enterprise IT, digital transformation, managed services, channel partners, software development, telecommunications, data centers, IT infrastructure, technology leadership, business innovation, and emerging technologies. Through executive interviews, industry analysis, event coverage, thought leadership, product launches, vendor updates, and market insights, the IT industry connects technology decision-makers, CIOs, CISOs, CTOs, IT managers, MSPs, resellers, distributors, technology vendors, startups, and enterprise organizations across Sweden, Norway, Denmark, Finland, and Europe. Coverage includes cybersecurity trends, AI adoption, cloud strategy, enterprise software, networking, digital infrastructure, sustainability, compliance, governance, risk management, automation, data analytics, and future technology developments.
    OWN CONTENT

  • Cybertech Europe 2026 cybersecurity conference in Rome with the IT industry as Official Media Partner
    Cybertech Europe 2026 is one of Europe's leading cybersecurity conferences, bringing together cybersecurity leaders, government officials, technology innovators, startups, investors, and enterprise decision-makers in Rome. The IT industry serves as an Official Media Partner, providing event coverage, executive interviews, industry insights, and cybersecurity news for Nordic and European audiences.
    ADVERTISEMENT

  • Maciek Szczesniak featured on IT-Branschen Wire Channel Magic Chats podcast banner
    Maciek Szczesniak appears on IT-Branschen Wire Channel Magic Chats, discussing leadership, innovation, digital transformation, and business services.
    SPONSORED

In September 2024, it was claimed 8Base that they had compromised Volkswagen's network and downloaded a large amount of internal documents.
The attackers threatened to release the material on September 26, three days after the alleged exfiltration.

Despite the deadline passing without any concrete material being published, Volkswagen was listed on the group's dark web site with categories such as:

  • Invoices and receipts
  • Accounting data
  • Personnel and employment contracts
  • Salary documents and certificates
  • Confidentiality agreements and internal reports

According to security analysts who monitor dark web activity, this is typical of 8Base campaigns, where the threat of publication often used to pressure payments.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkRylOFi45GNVj-rxTGcwj7Ds567IV94pajJj7C7Z2E3mWkJzVag8O4B3dGOtGElPJHDnRnYfUPJgiYc_B109_EtGvmuPi6peCDRrnZOAJBvw48NOukBZi42zmqicPrzRUwrZkLcOLkFVewiTnG6DcU185t-9kXqRf7Sd-kBho0_td7IGxTSZZd4w1N28t/s16000/8base%20claim.webp

Possible global impact

If the information proves to be accurate, the stolen material could include sensitive information from all of Volkswagen's global operations, including brands such as Audi, Porsche, Bentley, Lamborghini, Škoda, SEAT and Cupra.
With 153 production facilities and hundreds of thousands of employees worldwide, a confirmed data leak would have far-reaching consequences – both legally and financially.

According to the EU GDPR regulations confirmed violations can lead to fines of up to 4 % of the group's global turnover if sensitive personal data has been exposed.
However, Volkswagen has not yet confirmed any actual data leak, and no customer data has been reported as compromised so far.

Volkswagen's response and ongoing investigation

In a brief statement to the German press, a spokesperson for Volkswagen that the company is aware of the “incident” and that internal security reviews are ongoing.
The company emphasizes that its primary IT systems not been affected, which suggests that the attack may have been carried out through a third party supplier or partner organization.

Given Volkswagen's complex ecosystem of thousands of suppliers and subcontractors across Europe and Asia, this is a likely scenario, but it has yet to be confirmed by the company.

Cyber experts point out that vulnerabilities in the supply chain often becomes the weak link in large corporations.
Ransomware groups uses phishing attacks in many cases or purchased login details from so-called “initial access brokers” to get into the systems.
According to several research reports, 8Base has targeted over 400 organizations globally since its inception.

8Base – a threat to the industry

Unlike more technically advanced ransomware actors like LockBit or BlackCat, 8Base operates as a pure data extortion group.
They leverage existing infrastructure and tools, making them difficult to track but quick to act.

The group has also used several social-engineering-techniques, including fake emails and compromised cloud accounts, to collect initial information before the actual breach occurs.

Security experts point out that automotive industry has increasingly become a target for cybercriminals, as the industry handles enormous amounts of personal and production data and is dependent on digital systems in both production and supply chains.
An attack against a global manufacturer could therefore have extensive aftereffects also for subcontractors and partner companies.

Lessons for companies and authorities

Several cybersecurity companies are now calling for strengthened risk management for third parties, especially in critical industrial sectors such as automotive and manufacturing.
They recommend organizations to:

  • Conduct continuous security audits of suppliers
  • Monitor access to cloud and remote services
  • Introduce stricter MFA requirements (multi-factor authentication)
  • Ensure that incident management plans are updated and tested regularly

The incident at Volkswagen clearly highlights how ransomware groups like 8Base continues to target large industrial groups, where the financial and legal pressure on the victim can be very high.

Stay up to date with the most important news

By pressing the Subscribe button, you confirm that you have read and agree to our privacy policy and terms of use
  • The IT industry Nordic technology media platform covering cybersecurity, cloud, AI, digital transformation, channel, MSP and enterprise IT news
    The IT industry is a leading Nordic technology media platform covering cybersecurity news, artificial intelligence, cloud computing, enterprise IT, digital transformation, managed services, channel partners, software development, telecommunications, data centers, IT infrastructure, technology leadership, business innovation, and emerging technologies. Through executive interviews, industry analysis, event coverage, thought leadership, product launches, vendor updates, and market insights, the IT industry connects technology decision-makers, CIOs, CISOs, CTOs, IT managers, MSPs, resellers, distributors, technology vendors, startups, and enterprise organizations across Sweden, Norway, Denmark, Finland, and Europe. Coverage includes cybersecurity trends, AI adoption, cloud strategy, enterprise software, networking, digital infrastructure, sustainability, compliance, governance, risk management, automation, data analytics, and future technology developments.
    OWN CONTENT

  • VORTIQ-X AI Governance helps companies transform AI into controllable and verifiable business value.
    VORTIQ-X is an AI Governance platform that helps organizations govern, verify, and create measurable business value from AI. The platform focuses on transparency, compliance, AI governance, and the effective use of AI in mission-critical processes.
    ADVERTISEMENT

  • Cybertech Europe 2026 cybersecurity conference in Rome with the IT industry as Official Media Partner
    Cybertech Europe 2026 is one of Europe's leading cybersecurity conferences, bringing together cybersecurity leaders, government officials, technology innovators, startups, investors, and enterprise decision-makers in Rome. The IT industry serves as an Official Media Partner, providing event coverage, executive interviews, industry insights, and cybersecurity news for Nordic and European audiences.
    ADVERTISEMENT

  • Maciek Szczesniak featured on IT-Branschen Wire Channel Magic Chats podcast banner
    Maciek Szczesniak appears on IT-Branschen Wire Channel Magic Chats, discussing leadership, innovation, digital transformation, and business services.
    SPONSORED