As part of its response and containment strategy, steel giant ThyssenKrupp confirms  that hackers last week breached systems in its Automotive division, forcing them to shut down IT systems.
With over 100 000 employees and a gross annual revenue of over$ 44.4 billion ( 2022 ), ThyssenKrupp AG is one of the biggest steel producers in the world.
The company plays a significant role in the global supply chain of goods that include steel in a variety of industries, including automotive, elevators and escalators, industrial engineering, renewable energy, and construction.
ThyssenKrupp claims its automotive body production division was impacted by a cyberattack last week that was reported to BleepingComputer.
A ThyssenKrupp spokesperson said last week that the business unit of ThyssenKrupp Automotive Body Solutions received unauthorized access to its IT infrastructure.
Automotive Body Solutions ‘ IT security team immediately identified the threat and has since collaborated with ThyssenKrupp Group’s IT security team to contain it.
” To accomplish this, various security measures were implemented, and some applications and systems were temporarily taken offline.
The cyberattack, which was contained in the automotive division, was not directed at ThyssenKrupp, who has stated that no other business units or segments have been impacted.
The business added that they are working toward a gradual return to normal operations given that the situation is under control.
Saarbruecker Zeitung, a German newspaper that first reported on the attack last Friday, claims that the attack had a direct impact on ThyssenKrupp’s Saarland-based plant, which employs over a thousand specialists.
The facility participates in collaborations with industry partners, research institutions, and universities in both steel production and processing and research and development.
ThyssenKrupp responded to a question from BleepingComputer regarding the reported Saarland outage, and the company confirmed that the production had been stopped but clarified that customer supply had n’t yet been impacted.
ThyssenKrupp has been repeatedly exposed in hackers ‘ crosshairs due to its prominent position in the global economy, including in 2022 , 2020 , 2016 , 2013, with the majority of the cases aimed at espionage and operational disruption.
No significant ransomware organizations or other threat actors were in charge of the ThyssenKrupp attack at the time of writing, so what kind of breach was it?