One of the world’s most prominent luxury car makers has notified customers that their personal data may have been stolen after a threat group attempted to extort the company.
Ferrari said in a short statement released yesterday that “the ransom demand is related to the contact details of a specific client.”
It claims to have notified the “relevant authorities” and enlisted the help of a third-party security firm to ascertain what happened.
“As a matter of policy, Ferrari will never be held to a ransom, as paying such demands funds criminal activity and allows threat actors to perpetuate attacks,” it claims. Did.
“Instead, we notified the customer of the potential data breach and the nature of the incident, as we believed the best course of action was to notify the client.”
Read more about ransom payments: Ransomware payments to drop by 40% in 2022.
That message to affected Ferrari customers by CEO Benedetto Vigna was posted online by Troy Hunt, founder of the HaveIBeenPwned infringement notification site.
The attackers said they had access to a “limited number of systems” within the company’s IT environment.
No financial or vehicle details were stolen, but the hackers may have had access to names, addresses, email addresses, and phone numbers. Viña said.
It’s unclear how many customers were affected or which threat group attempted to extort the sports car giant.
But last October, a group known as RansomEXX posted online an allegedly stolen 7 GB of internal Ferrari data, including data sheets and repair manuals.
“Ferrari takes client confidentiality very seriously and understands the importance of this case,” the company said of the incident this week.
“We have worked with third-party experts to further harden the system and are confident in its resilience. We can also confirm that the breach has not impacted our operational capabilities. increase.”
Editorial image credit: yousang / Shutterstock.com
