Danish wind turbine maker Vestas has confirmed that data stolen during a ransomware attack on its IT systems last month was released and potentially offered to other parties.
The company said that it has grounds to believe that the leaked data is largely about internal affairs.
“Unfortunately, the attackers did manage to steal data from Vestas, and that data has been illegally shared externally. To mitigate this situation, we are working hard to identify any leaked data and will collaborate with affected stakeholders and authorities,” said Henrik Andersen, president and CEO of Vestas.
Vestas further stated that following investigations, forensics, restoration activities, and hardening of its IT systems and IT infrastructure, the majority of its systems are up and running.
The investigation is still underway, and Vestas indicated that it has received no evidence that the incident has harmed customer or supply chain activities.
The company is analysing what personal data has been compromised and expects to begin informing impacted parties within the next few days.