Hackers Claim Breach of Scania Financial Services, Leak Sensitive Data

A significant data breach has rocked Sweden’s Scania Financial Services, as a threat actor operating under the alias “hensi” claims to have infiltrated the subdomain insurance.scania.com, exfiltrating a trove of sensitive files and offering them for sale on underground forums. 

The incident, first detected in mid-June 2025, has raised concerns across the automotive and financial sectors, given Scania’s prominent role in the European commercial vehicle market.

Details of the Breach

According to cybersecurity researchers and multiple news outlets, the threat actor “hensi” announced the breach on a well-known, invite-only hacker forum, stating this was a first-time intrusion into Scania’s insurance platform.

The actor claims to have obtained a full set of files—reportedly 34,000 in total—and posted several sample images as proof, offering the entire cache to a single buyer.

Scania, a major Swedish manufacturer of trucks, buses ...