"In a notice sent to customers on Monday and seen by The Register, the EV charging outfit said that it detected "unusual activity" on its AWS cloud platform on March 7 and quickly discovered that attackers had launched a ransomware attack against parts of its infrastructure. According to the message, some databases were both encrypted and copied during the intrusion, meaning that the crooks likely walked off with user information before the company pulled the plug."
"ELECQ, a Chinese outfit that builds smart EV charging gear for homes and businesses, says that the compromised data is limited to fairly standard account details: names, email addresses, phone numbers, and home addresses. It insists no financial data, such as payment records or credit card information, was involved, and stressed that the attack did not affect the charging devices themselves, which it says remain "fully secure and operational.""
"The company says that it kicked off its incident response process as soon as the suspicious activity was spotted, taking affected servers offline and starting the job of restoring systems from backups. Since then, ELECQ says that it has tightened up parts of its infrastructure, including shutting down remote access services such as SSH and Telnet and beefing up encryption across its network."
ELECQ, a Chinese manufacturer of smart electric vehicle chargers, detected unusual activity on its AWS cloud platform on March 7 and discovered a ransomware attack had compromised parts of its infrastructure. Attackers encrypted and copied databases containing customer personal information including names, email addresses, phone numbers, and home addresses. The company confirmed that no financial data or payment records were compromised, and the physical charging devices remained secure and operational. ELECQ immediately initiated incident response procedures, taking affected servers offline and restoring systems from backups. The company subsequently enhanced security measures by disabling remote access services like SSH and Telnet and strengthening network encryption. ELECQ reported the incident to regulatory authorities including the UK's Information Commissioner's Office and Germany's Federal Commissioner for Data Protection and Freedom of Information.
#ransomware-attack #data-breach #ev-charger-security #cloud-infrastructure #customer-data-compromise
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]