Third party breach exposes data

Ransomware Group Threatens Bosch With Stolen Engineering Data

Ransomware, D1R ransomware, Synopsys breach, Bosch ransomware attack involving stolen engineering data, D1R ransomware group threatens Bosch data leak, Synopsys vulnerability linked to Bosch supply chain attack, Bosch, Bosch ransomware attack, supply chain attack
Facebook
X
LinkedIn
Reddit
WhatsApp
Source: Sundry Photography/Shutterstock.com

The ransomware group D1R is threatening Bosch with the release of sensitive engineering data allegedly stolen in a breach involving Synopsys.

The relatively unknown ransomware group D1R has added German industrial giant Bosch to its darknet leak site. The attackers are demanding negotiations and threatening to publish stolen data after an 11 day deadline expires. Initial data samples released by the group indicate that confidential engineering documents may have been exfiltrated. Among the files is an excerpt from the manual for the Controller Area Network (CAN) communication protocol, originally developed by Bosch in 1983 and now used worldwide to connect electronic components in vehicles, trains, and aircraft.

Ad

Theft of VHDL Design Files

A directory tree published by the attackers reveals numerous files with the .vhd extension. These file formats typically contain source code written in the hardware description language VHDL, which is used to design integrated electronic circuits.

The exposure of such files creates a risk that Bosch’s proprietary hardware designs could be disclosed. This type of information could be valuable to competitors as well as cybercriminals seeking to identify potential weaknesses directly within hardware architectures. Bosch has not yet confirmed the exact scope of the alleged data breach.

Attackers Exploit Third Party Vulnerability at Bosch Supplier

According to the extortion group, the incident was not caused by a direct compromise of Bosch’s own IT infrastructure but rather by a supply chain attack. D1R claims it obtained the data through Synopsys, a US based company whose software is widely used for electronic design automation worldwide.

Ad

In a statement published by the attackers, the group claimed:

“Our cybersecurity assessment team discovered a vulnerability in Synopsys. A faulty logic issue in their registration form allowed our team to retrieve an entire database containing 40,000 enterprise customers without internal access.”

Ransomware group D1R

Synopsys itself is also listed on the group’s extortion site with the same 11 day deadline. Bosch has previously suffered data exposures through compromised third party providers in 2021 and 2025.

(ll)

Ad

Artikel zu diesem Thema

Weitere Artikel