Danish BMW dealer Jan Nygaard now confirms that the data stolen in a hacker attack earlier this month has been leaked.
Danish BMW dealer Jan Nygaard confirms that the company has been hit by a hacker attack.
As a result, a number of data have been compromised and subsequently published on the dark part of the internet – also known as the darkweb.
Jan Nygaard AS states in a press release that the company became aware on January 5, 2025, that it had been subjected to a cyber attack and data theft.
Unauthorized parties had gained access to and stolen a number of data. The attack was stopped the same day it was launched.
The car dealership has since collaborated with external IT specialists to map the extent of the data breach. The attack and data theft were reported to the Danish Data Protection Agency and the Police on January 6, 2025.
It has now been confirmed that some of the information in question has been published on the dark web.
Among the compromised data is the following personal information:
- Social Security numbers of current and former employees
- Name, address, telephone number and email address of customers and current and former employees
- Social security numbers, driving license and passport information, as well as payslips/annual statements for a small number of customers who have been in contact with the sales departments
It is estimated that workshop customers are not currently affected by the theft.
Jan Nygaard will contact the affected customers as soon as there is precise information about what data has been leaked by the hackers behind the attack.
All current customers and employees whose contact information is available to the company have been informed.
This is done to allow them to take the necessary precautions, as described in Sikkerdigital's identity theft guidance. It has not yet been possible to narrow down exactly who is affected.
Jan Nygaard also uses their digital platforms, such as the website and social media, to inform former customers and employees.
Former customers and employees are advised to:
- Visit Sikkerdigital for guidance on identity theft.
- Contact Sikkerdigital's Cyberhotline on tel. 3337 0037 for further advice.
- Be extra vigilant about suspicious emails, phone calls or identity theft attempts.
The data breach may pose a risk of misuse of the stolen information for identity theft and financial fraud.
Customers with secret addresses risk that this information is now publicly available on the dark web, which could have serious consequences.
Jan Nygaard emphasizes that they take this incident very seriously and understand the concerns it may cause for both current and former customers and employees. The company has strengthened its security measures and is working hard to limit the damage.
A data security review has been initiated to implement additional initiatives and similar future measures.