Hanwa Qcells, a Germany-based company known for providing solar systems and electricity, recently fell victim to a significant cyberattack. The attack, which occurred on July 14, 2024, allowed unknown hackers to gain access to portions of the company’s customer and business partner databases. As a result, personal data belonging to customers and partners has been leaked. Although Hanwa Qcells has yet to release an official statement, the company is working to restore its systems following the breach.
The cybercriminal group behind the attack, identified as “Abyss,” claims to have stolen a total of 5.4 terabytes of data. This information, potentially including names, addresses, phone numbers, email addresses, passwords, and bank account details, was threatened to be made public on August 9, 2024. The full extent of the breach, including the exact number of affected individuals, remains unclear. However, early reports indicate that sensitive customer data may already be circulating on dark web platforms.
Authorities in Germany, including the State Office of Criminal Investigation and the State Commissioner for Data Protection of Saxony-Anhalt, have launched an investigation into the cyberattack. While the company works to assess the damage and repair its IT systems, affected customers are urged to take precautionary measures. This includes changing passwords on the Q Partner Portal and other accounts where similar credentials may have been used, to mitigate the risk of further breaches.
In the wake of the attack, Hanwa Qcells customers should also remain vigilant against potential phishing attempts. Cybercriminals often use compromised data to craft targeted attacks that can lead to further credential theft. Additionally, there may be an increase in credential stuffing attacks, where hackers use stolen login information to access other accounts across multiple platforms. The company and security experts alike are advising users to monitor their accounts closely for any suspicious activity.
Reference:
