Exclusive ELECQ, maker of smart electric vehicle (EV) chargers, is warning customers that their personal details may have been stolen in a ransomware attack that encrypted and copied user data from its cloud systems.
In a notice sent to customers on Monday and seen by The Register, the EV charging outfit said that it detected "unusual activity" on its AWS cloud platform on March 7 and quickly discovered that attackers had launched a ransomware attack against parts of its infrastructure.
According to the message, some databases were both encrypted and copied during the intrusion, meaning that the crooks likely walked off with user information before the company pulled the plug.
ELECQ, a Chinese outfit that builds smart EV charging gear for homes and businesses, says that the compromised data is limited to fairly standard account details: names, email addresses, phone numbers, and home addresses.
It insists no financial data, such as payment records or credit card information, was involved, and stressed that the attack did not affect the charging devices themselves, which it says remain "fully secure and operational."
That will be cold comfort to anyone who would prefer their home address not end up circulating on a ransomware gang's leak site.
The company says that it kicked off its incident response process as soon as the suspicious activity was spotted, taking affected servers offline and starting the job of restoring systems from backups. Since then, ELECQ says that it has tightened up parts of its infrastructure, including shutting down remote access services such as SSH and Telnet and beefing up encryption across its network.
ELECQ says that it has reported the incident to regulators, including the UK's Information Commissioner's Office and Germany's Federal Commissioner for Data Protection and Freedom of Information, indicating that the breach may involve customers in more than one European market.
ELECQ says it has also brought in third-party cybersecurity specialists to carry out a forensic investigation and identify any remaining vulnerabilities.
As is customary after these sorts of incidents, customers are being advised to watch out for phishing messages, reset their account passwords, and keep an eye on their inboxes and other accounts for anything suspicious. Contact details and addresses may not sound especially dramatic, but in the wrong hands, they can make social engineering scams far more convincing.
Several important details remain unclear. ELECQ has not said how many individuals may have been affected by the breach, whether it has identified the attackers responsible, or whether a ransom demand was received.
The Register has asked the company to clarify those points and will update if it responds. ®
Source: The register