It seems to be a pretty bad time to be in the car sales business. Not only are sales down due to various factors (a lack of semiconductors for new in-car gadgetry, a slump in the second-hand market due to austerity, and poor EV sales compared to predicted sales), but it now seems that hackers have their eyes on sales companies.

Just a few months after car sales giant Pendragon suffered a ransomware attack, where the attackers demanded a US$60M ransom, another big automotive company has been hit.

Glasgow-based Arnold Clark is the latest car sales company to be hit with a ransomware attack, reportedly on Christmas Eve.

This comes in a year of automotive attacks which started in early 2022 with one of Europe’s biggest car dealerships, the Swiss-based Emil Frey, being hit with the Hive ransomware.

This was followed shortly after by the Florida-based Arrigo automotive group being targeted.

In July 2022, Nottingham-based Holdcroft Motor Group was hit with a serious ransomware attack which resulted in data theft and damage “beyond repair” to some core systems.

Arnold Clark hit with ransomware attack

The Arnold Clark data breach is causing a major headache for the dealership. Already, 15GB of stolen data has been released on the dark web, and the hackers are now threatening to release another 467GB of data.

Data already released contains sensitive customer data including National Insurance numbers, passport data, bank statements, and addresses. Typically this data is required by a car dealership when a customer takes out finance for a new vehicle.

The remaining data includes full names, home addresses, phone numbers, email addresses, finance deals, and insurance certificates. The perfect haul for anyone wanting to commit identity fraud.

Customers being advised to be wary of scams

An Arnold Clark spokesperson said that it will begin contacting customers once it has a full picture of what data has been taken, but that customers should be vigilant in case they start receiving fake emails pretending to be from the group.

The spokesperson added: ‘We are liaising with the relevant regulatory authorities over this incident, especially the ICO (Information Commissioner’s Office) and the police.