Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Hackers claim to have stolen “critical BMW audit documents”, with files set to be published within days.
The Everest ransomware group has listed German automaker BMW as one of its most recent victims and is claiming to have stolen what it calls “critical BMW audit documents”.
The company was listed on Everest’s darknet leak site on 14 September, and as of writing, the leak post features a countdown to publication of the documents within 12 hours, with a second tranche of data to come within 48 hours.
“Company representative should follow the instructions to contact us before time runs out,” the hackers said in their leak post.
Everest has shared little else regarding the alleged hack. It has not listed how much data it has, nor has it made a ransom demand. According to a counter on the leak site, the post has already been viewed 679 times.
Cyber Daily has reached out to BMW for comment.
Everest ransomware is a Russian-linked group that was first observed in 2020. While it began as a data-theft-only extortion operation, it soon migrated to ransomware and encryption. It has claimed a total of 262 victims, with its most recent Australian victim being applied behavioural science firm Evidn, which was hacked earlier this year.
Some of the group’s more prominent victims include several Coca-Cola bottlers in the Middle East and direct marketing firm Mailchimp.
Carmakers have had a rough time in 2025, with several prominent brands facing significant disruption in the face of cyber attacks. Jaguar Land Rover is struggling to get its production lines running following a cyber attack at the beginning of the month, while the Qilin ransomware gang claimed to have stolen data from a design studio linked to Japanese car giant Nissan in August.
This isn’t BMW’s first brush with cyber this year, either. BMW’s Financial Services division was linked to a cyber attack on Texas-based fintech AIS Infosource in July.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
