The global automotive components manufacturer Denso said in a press release this week that its German operations had been “illegally accessed by a third party.”
The ransomware group Pandora claimed responsibility, listing Denso on its leak site. By Wednesday, Denso no longer appeared on the Pandora site. Brett Callow, a threat analyst at Emsisoft, said that when ransomware groups de-list companies it typically indicates that the company has agreed to either negotiate or pay a ransom.
Denso said that after officials detected the unauthorized access, the company “promptly cut off the network connection of devices that received unauthorized access and confirmed that there is no impact on other DENSO facilities.”
The company is investigating the March 10 incident and said there had been no interruption to production activities.
Denso supplies parts to Toyota and other major automotive brands. The company’s consolidated revenue was $44.6 billion last fiscal year.
The incident is the latest incident to hit an automotive supplier. In late February, Toyota announced it was suspending operations at all 14 Japanese plants after parts supplier Kojima Industries Corp. was hit by a suspected cyberattack.