The Knight ransomware group has claimed responsibility for a cyberattack on BMW Munique Motors, an authorized BMW dealership in the State of Rondônia, Brazil. The threat actors posted a message on the dark web, hinting at the release of download links for stolen files.
Notably, the target of the attack was the BMW dealership and not the parent company. Despite the seriousness of the claims, the website for BMW Munique Motors remains operational, suggesting a sophisticated cyberattack that may have focused on the organization’s backend database.
Furthermore, this incident comes after an earlier cyberattack on BMW France by the Play Ransomware group, which demanded a ransom and threatened to release stolen data on the dark web. The compromised data included client documents, contracts, and financial information.
In 2022, BMW France experienced another major cybersecurity breach when its social media accounts were hacked, negatively impacting the automaker’s reputation. The Knight ransomware group, which emerged in August 2023 from the Cyclops ransomware, is known for its multi-extortion tactics, employing a TOR-based blog to list victim names and exfiltrated data to pressure victims for payments and prevent data leaks.
While The Cyber Express sought an official confirmation from BMW Munique Motors regarding the cyberattack, no official statement or response has been received, leaving the claims unverified. This incident underscores the evolving sophistication of cybercriminal tactics and the risks posed by ransomware groups targeting well-established organizations.