Ransomware Groups Claim Hits on Hyundai Motor Europe and a California Union

Hyundai Motor Europe and a California union separately this week revealed they had suffered cyberattacks last month and lost data to the respective threat actors.

Black Basta, a group that first appeared in 2022 as a double-extortion operator, claimed to have stolen 3TB of data from Hyundai Motor Europe. The carmaker has not confirmed it suffered a ransomware attack, nor the boasts by Black Basta.

"Hyundai Motor Europe is investigating in a case in which an unauthorised third party has accessed a limited part of the network of Hyundai Motor Europe," stated Hyundai. "Our investigations are ongoing, and we are working closely with external cybersecurity and legal experts."

Meanwhile, another group affiliated with ransomware activity, LockBit, claimed responsibility for a cyberattack on Service Employees International Union (SEIU) Local 1000 in California.

According to the ransomware gang, it stole 308GB of data from the union, including employee information such as Social Security numbers, salary information, and financial documents.

The union released a statement on Facebook confirming that it experienced a network disruption on Jan. 18. Its statement appeared to hint that the attack was ransomware-related.

"As we investigated the incident we learned that it was caused by certain data being encrypted. We are aware of the discussion happening on social media about the type of attack we are purported to have had and the actor by whom it was apparently done," stated the union. "We are currently working with outside experts to ensure ongoing network security and assist and advise as we continue to restore our operations. This incident was a criminal cyber act and is being treated as such as we assist law enforcement."