German automotive and defense manufacturer Rheinmetall reported a cyber attack in mid-April. Recently, the Russian-linked ransomware group Black Basta listed the company on its leak website. This suggests Rheinmetall has not paid a ransom to the group thus far. Black Basta is threatening to leak exfiltrated information and has already posted screenshots to prove the legitimacy of the stolen data.
The screenshots display the ransomware group acquired purchase orders, passport copies, technical schemes, non-disclosure agreements, and other business documents. Rheinmetall assured the attack only impacted the civilian business and military customers remain protected in a separate IT infrastructure. The attack occurred after Rheinmetall revealed plans to construct a tank factory in Ukraine. A company spokesperson stated the authorities have been notified and a criminal complaint was filed with the Cologne public prosecutor’s office. Rheinmetall was also the victim of a 2019 cyberattack that disrupted production lines in the U.S., Brazil, and Mexico.
Read More: