IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Hackers publish Vestas data following cyber attack

The move suggests the company didn’t comply with the hackers' ransom demands

Hackers behind last month’s cyber attack on Vestas, the world’s largest wind turbine manufacturer, have published a portion of the compromised data online.

That's according to a statement published by the company, in which it advised customers and business partners to “stay vigilant” as there's a possibility that their personal data may be misused.

The stolen data includes information embedded in identification documents such as passports, birth certificates, work permits, and driver’s licenses. In some cases, the cyber criminals managed to obtain social security numbers, medical certificates, injury reports, and bank account information.

Vestas stated that “not all employees and business partners of Vestas have been affected by the cyber security incident and the majority of the compromised personal data is not of a sensitive nature”.

This includes information embedded in CVs, such as names and contact details, emails, phone numbers, country of residence, education, and professional skills, as well as company documents including contracts and salary information.

Vestas said that it will notify the victims of the breach “if it is assessed that this is appropriate given the risk to such individuals”. 

Related Resource

2021 Thales cloud security study

The challenges of cloud data protection and access management in a hybrid and multi cloud world

Blonde woman in professional clothing writing on a board Free download

IT Pro has reached out to the company for further information but hadn't received a response at the time of publication.

The attack, which took place on 19 November, forced Vestas to shut down its IT systems for two days “as a precaution”. The company has not named the hackers behind the attack, nor whether the cyber attack involved ransomware.

However, the news of data being published online suggests that that the company didn't comply with the hackers' ransom demands. 

This is in contrast to a similar incident involving US natural gas provider Colonial Pipeline, which saw the company comply with the DarkSide hacking group’s demands and pay the $4.4 million (£3.1 million) ransom. CEO Joseph Blount said that he was aware that the decision was “highly controversial”, yet added that “it was the right thing to do for the country”. 

“I didn't make it (the decision) lightly. I will admit that I wasn't comfortable seeing money go out the door to people like this,” he told the Wall Street Journal in May.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update
Whitepaper

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update

12 May 2022
Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022
Dell Technologies World 2022: Dell unveils security offerings for major cloud providers
public cloud

Dell Technologies World 2022: Dell unveils security offerings for major cloud providers

3 May 2022
How do you become an ethical hacker?
ethical hacking

How do you become an ethical hacker?

29 Apr 2022

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022