Vestas Indicates Cyber Security Incident Was Ransomware Attack

The cyber security incident which forced the Danish wind turbine maker Vestas to shut down IT systems across multiple business units and locations earlier this month was a ransomware attack, the internal investigations have indicated.


The incident, which occurred on 19 November, impacted Vestas’ internal systems and resulted in data being compromised, the company said.

Related Article

The extent to which data has been compromised is still being investigated, but for now it appears that the data foremost relates to Vestas’ internal matters, according to Vestas.

Having conducted investigations, forensics, restoration activities, and hardening of its IT systems and IT infrastructure, Vestas said that almost all systems are now up and running and the company is close to normal operations.

The investigations into the incident are still ongoing. In that regard, Vestas maintains there is no indication that the event has impacted customer and supply chain operations, which is supported by the forensics investigation carried out with the assistance of third-party experts.

”We have been through some tough days since we discovered the cyber incident, and Executive Management and the Board of Directors are thus very pleased that the incident didn’t impact wind turbine operations and almost all of our IT systems are running again,” Henrik Andersen, President and Chief Executive Officer at Vestas, said.

”There is still a lot of work ahead of us to and we must remain extremely diligent towards cyber threats. I would already now like to take this opportunity to thank our customers, employees and external partners for their understanding and extraordinary support in these challenging circumstances.”