Vestas says attackers leaked data after cyber incident

Vestas Wind Systems A/S (CPH:VWS) today said attackers illegally retrieved data from its IT systems during the cyber security incident last month and have since threatened to publish it.

The stolen data has been leaked by the attackers and potentially offered to third parties, the Danish wind turbine maker added in an update on the cyber incident it discovered on November 19. On November 29 the company said almost all systems were up and running after the incident, which was probably ransomware.

Vestas reiterated that there are no signs the incident has impacted customer and supply chain operations. It thinks the leaked data mostly relates to the company’s internal matters.

President and chief executive Henrik Andersen said the threat actor failed in its attempt to extort Vestas.

“Unfortunately, the attackers did manage to steal data from Vestas, and that data has been illegally shared externally. To mitigate this situation, we are working hard to identify any leaked data and will collaborate with affected stakeholders and authorities,” he explained.

The company said it is investigating what personal data is affected and will provide an update as soon as it has more information.

Choose your newsletter by Renewables Now. Join for free!