DRIVEN BASE

Communications Regarding the Data Breach suffered by DENSO Thermal Systems S.p.A. on March 28, 2026

17/06/2026

Subject: Notification of Cybersecurity Incident to Former Employees of DENSO Thermal Systems S.p.A.

We are contacting you as a former employee of DENSO Thermal Systems S.p.A. (“DNTS” or the “Company”) to inform you of a cybersecurity incident that may have involved some of your personal data.

1. Nature of the incident

On March 28, 2026, the Company detected a cybersecurity incident affecting certain corporate systems.

Forensic analyses indicate that an unauthorized third party have gained access to certain personal data stored within certain Company’s servers.

On April 27, 2026, our monitoring of the dark web revealed that the cyber attackers have disclosed various files which they claim to have been exfiltrated from our system and we must inform you that these files contained personal data from our systems.

2. Categories of the Personal Data affected

Based on the information currently available, the affected data may include the following categories:

  • Personal identification data (e.g. name, surname, tax identification number, date and place of birth)

  • Personal contact details (e.g. home address, e-mail address and personal telephone number)

  • Identification documents (e.g. identity cards, passports, driving licences)

  • Employment-related information (e.g., role, department, employment history within DNTS)

  • Payroll, social security and tax-related data

  • Fitness for work certificates.

At this stage, there is no evidence that the personal data has been misused.

3. Measures Taken by the Company

Upon becoming aware of the incident, the Company:

  • Immediately activated its internal incident response procedures

  • Contained and mitigated the breach

  • Launched a forensic investigation with external cybersecurity experts

  • Notified the competent supervisory authority included Police

  • Strengthening of technical and organizational security measures to prevent recurrence

4. Recommended Precautionary Measures

As a precautionary measure, the Company advises you to:

  • Carefully review any unsolicited communications requesting personal or financial information

  • Avoid clicking on suspicious links or attachments

  • Monitor bank accounts and financial transactions for unusual activity

  • Promptly report any suspected fraud to the relevant authorities

  • Change passwords used for services where the same or similar credentials may have been used

5. Contact details and further information

For any further information, you may contact EU_DNTS_risorse.umane@eu.denso.com.  We may provide further relevant information or updates to you, should there be any material developments.  Please periodically check our website for any such updates.

The Company takes the protection of personal data very seriously and regrets any inconvenience or concern this incident may cause.

Your sincerely,

DENSO Thermal Systems s.p.a.

 

17/06/2026

Subject: Notification of Cybersecurity Incident to Visitors

Dear Respected Visitors,

We are writing to inform you further to a cybersecurity incident that occurred within DENSO Thermal Systems s.p.a. on 28 March 2026, involving unauthorized access to certain IT systems.

Upon detection of the incident, we immediately activated our internal emergency response procedures, including containment measures, engagement of external cybersecurity experts, and a comprehensive investigation to assess the scope and impact.

As part of this investigation, we regret to inform you that personal data may have been involved.

Based on the information available to date with reference to visitors, the following categories of personal data are primarily:

  • Your contact information that you provided to us for the purpose of accessing our premises (such as names, surnames).

We have taken prompt actions to contain the incident, secure our systems, and prevent further unauthorized access. Additional safeguards are being implemented to further strengthen our security environment.

Although no confirmed misuse has been identified, we recommend that you consider adopting the following precautionary measures:

  1. Monitor accounts and communications. Check email accounts and business systems for any unusual or suspicious activity.

  2. Remain vigilant against suspicious communications. Pay attention to unexpected messages requesting sensitive information or urgent actions.

  3. Contact competent authorities, if you deem necessary.

Should we identify further developments affecting you, we will promptly provide you with further information and guidance.  Please therefore periodically visit this page to monitor any developments.

We sincerely regret any concern or inconvenience this situation may cause and appreciate your understanding and cooperation.

Should you have any questions, please contact EU_DNTS_risorse.umane@eu.denso.com

Your sincerely,

DENSO Thermal Systems s.p.a.