Ransomware victim disclosure
← All victimsBosch
Claimed by D1R · listed 2 days ago
Status timeline
- ListedJul 13, 2026
- Data leakeddate unknown
At a glance
- Group
- D1R
- Status
- Data leaked
- Country
- Germany
- Sector
- Manufacturing
- Listed on leak site
- Jul 13, 2026
About the victim
AI dossier — public-source company profileBosch is a multinational engineering and technology company headquartered in Germany. The group operates across mobility (automotive hardware, software, services), home appliances, industrial solutions, and power tools. One of the world's largest suppliers of automotive components and systems.
- Industry
- Automotive & Industrial Technology
Attack summary
Severity: high — Confirmed exfiltration of sensitive automotive technical IP (CAN bus protocol implementation, vehicle control systems). Such data enables reverse-engineering of vehicle security mechanisms and potential safety vulnerabilities. Large-scale industrial/defence-adjacent impact.The D1R group claims to have obtained Bosch CAN module implementation and automotive technical documentation, allegedly sourced through a third-party compromise (attributed to Synopsys supply-chain access). The group states this data is being released publicly.
Data the group says was taken
AI dossier — extracted from the leak post- CAN module implementation documentation
- Automotive technical specifications
- Engineering designs
What the group claims
Again, thanks to database Synopsys provided us with After analyzing technical leaks by other groups and cross-referencing targets from TARGETLIST.txt A company access was found and in the archives, a $10,000 gem: Bosch CAN module implementation Now it is going for free for every engineer and car enthusiast, thanks to Synopsys providing us with neat roadmap to tech sector Sorry, Bosch, you got third-partied! Call the Synopsys CEO and thank them for letting us all know where the valuable data is!
Sources
- Victim sitebosch.de
Source
Indexed 2 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

