British car dealer Arnold Clark informed customers on Tuesday that their data had been compromised in a data breach that occurred in December 2022.
First disclosed by the company in January 2003 twitterthe violation caused the company to take its systems offline, including dealers and third-party connections.
“Our priority was to protect our customers’ data, systems and third-party partners,” the company wrote at the time.
“While this has been achieved, the action has caused temporary disruption to our business and, unfortunately, to our customers.”
This week, Arnold Clark confirmed that certain customer details were compromised in a breach.
According to the email I saw Information security, the data affected included names, contact details, dates of birth, vehicle details, and identification documents (such as passports and driver’s licenses). Some National Insurance numbers and bank account details were also affected.
“This incident highlights how important it is for retailers to effectively protect customer data. Comfort AG.
“These industries thrive on online transactions that require sensitive PII to be collected. [personally identifiable information] Attackers are always targeting,” said Shadabi. Information security on mail.
According to security experts, companies need to understand the “nature” of the sensitive data they want to protect and find appropriate protection methods beyond just boundaries.
“Data-centric security such as tokenization and format-preserving encryption is not just for global giants,” Shadabi explains.
“Even small or medium-sized organizations can be subject to large-scale attacks on their data. To have devastating consequences, […] Smart, data-centric security strategies get in the way. ”
In an email to customers this week, Arnold Clark also warned customers of a possible phishing attack as the company continues to investigate the incident.
The attack on Arnold Clark isn’t the first to target the automotive industry in recent times.
May 2022, General Motors announced I got a credential stuffing attack. A few months later, Holdcroft Motor Group was held for ransom by hackers. I stole 2 years worth of data.
