Vestas became aware of the breach on November 19 and it immediately started shutting down IT systems. Little information was provided when the attack was disclosed, but the company’s description of the incident suggested that it was a ransomware attack.

In an update shared on Monday, Vestas confirmed that ransomware was indeed used and that the incident resulted in data getting compromised.

“The extent to which data has been compromised is still being investigated, but for now it appears that the data foremost relates to Vestas’ internal matters,” the company said.