Hanon Systems, a global leader in automotive thermal energy management solutions, recently suffered its third ransomware attack in three years, with the latest incident attributed to the ransomware group “Hunters International.” The attack, first detected on August 11, was later disclosed by the group on the dark web, revealing 1.6 million files amounting to 2.3 terabytes (TB) of sensitive internal data. This data included job applicant resumes from the past three years, contact information and addresses of employees and their families, employee ID photos, and details classified as part of Hanon Systems’ global equity structure.
After becoming aware of the breach, Hanon Systems promptly reported the incident to the Korea Internet & Security Agency (KISA) and notified affected employees in the Asan region the following day. The company also made an internal announcement via its intranet. The breach raises significant concerns, especially as Hanon Systems’ previous ransomware incidents involved different groups, including Egregor in November 2020 and Snatch in January 2022. These repeated incidents indicate ongoing vulnerabilities in the company’s cybersecurity protocols despite past attacks.
Ransomware attacks like this one usually involve hackers encrypting a company’s data and demanding payment in exchange for decryption keys, although in this case, data exfiltration and public disclosure were involved. Information shared on the dark web, often used for illegal purposes, poses substantial risks to individuals whose personal information was exposed. Moreover, the company’s key clients—Hyundai Motor Company, Ford, and Hyundai Mobis—could face potential exposure and disruption due to the breach.
Adding to the urgency of the situation, Hanon Systems is currently in the acquisition process with Hankook & Company Group (Hankook Tire Group). The breach could impact this acquisition, raising additional questions about the company’s data protection measures and the potential ramifications of such incidents on its operations and business partnerships.
Reference: