Arnold Clark, the UK’s largest independently owned automotive dealership, suffered a serious ransomware assault late final 12 months wherein massive volumes of delicate buyer information had been stolen.
Among the many information had been stolen financial institution particulars, passport copies, driver’s licences, car info, and National Insurance numbers, with different info possible focused within the assault, claimed by the Play ransomware gang.
Arnold Clark has warned some clients that their private info could have been stolen in a large cyber assault.https://t.co/O2szmAisJt
— The Scotsman (@TheScotsman) February 1, 2023
The UK-wide breach occurred on December 23 with clients emailed concerning the incident on 2 February.
In an announcement, Arnold Clark mentioned: “Whereas we had been initially suggested that every one our information was safe, sadly, in the middle of our investigation, it has turn out to be clear that in this incident, the attackers had been in a position to steal copies of some information that we maintain. As a result of kind of cyber assault that we have now been subjected to, this can be very troublesome to precisely determine what has been stolen; nevertheless, our groups are working with our exterior advisors to know the precise nature and extent of that information.”
Cybersecurity skilled Achi Lewis, Space VP EMEA for Absolute Software, mentioned: “Unsure financial instances and the lead-up to a vacation make the proper storm for cyber-attackers, typically making a extra relaxed and weakened safety posture to be exploited. Ransomware assaults don’t discriminate in opposition to any sector, with the automotive business dwelling to huge volumes of delicate information, demanding each preventative and reactive cybersecurity measures to be put in place by organisations.”
“Corporations throughout all industries ought to take this chance to guage their present cyber posture, implementing measures akin to resilient Zero Belief to stop risk actors from breaching units, purposes and networks. Resilient Zero Belief is a safety mannequin that authenticates customers on a case-by-case foundation, solely permitting entry to units and purposes if there are not any indicators of suspicious exercise. If uncommon behaviour is detected, entry could be frozen or shut off by a centralised IT crew to stop a breach.”
“Ransomware assaults are a case of when, not if, so it’s crucial that organisations give attention to their response protocols in addition to prevention. Leveraging self-healing options can assist to get better and restore units which were breached, defending them from future assaults. A full restoration can take months and even years from the preliminary investigation, so guaranteeing excessive cyber preparedness is important.”
Arnold Clark owns practically 200 dealerships throughout Scotland and England, promoting greater than 300,000 automobiles every year. Arnold Clark is asking affected clients to contact: customerservice@arnoldclark.com.
How car dealers can adapt to digital challenges in 2022
Arnold Clark owners rank among Britain’s wealthiest people: Rich List 2022