Posted on March 21, 2023 at 8:34 AM
Luxury automaker Ferrari hacked, turns down ransom demands
Ferrari has become the latest major global brand to report a hacking attack. The luxury car maker disclosed it had suffered a data breach after attackers obtained access to some of the IT systems used by the company.
Ferrari confirms a data breach
Ferrari issued breach notification letters to its customers, informing them about the breach. In the official statement, the company said that hackers managed “to access a limited number of systems in our IT environment.”
The Italian luxury car maker also said the threat actors accessed the company’s network. The attackers later demanded a ransom payment for them not to leak the data stolen from the company systems. The company has yet to confirm if the hack was caused by a ransomware group or if it was just an extortion attempt.
The statement noted that the breach happened at Ferrari N.V., its wholly-owned subsidiary. It noted that the threat actor’s activities were related to clients’ contact details. The company also said it had contacted the relevant authorities to report this breach.
“Upon receipt of the ransom demand, we immediately started an investigation in collaboration with a leading global third-party cybersecurity firm. In addition, we informed the relevant authorities and are confident they will investigate to the full extent of the law,” the statement said.
The company also reiterated that it would not give in to the ransom demands made by the attacker. It alluded that the ransom payment would amount to funding criminal activity. Moreover, such action could also give threat actors the support they need to launch more attacks in the future.
According to Ferrari, the best course of action for the company during such instances was to inform its clients about this breach. The company noted that customers had been notified about the potential exposure of their data and the extent of damage that this breach had caused.
“Ferrari takes the confidentiality of our clients very seriously and understands the significance of this incident. We have worked with third-party experts to further reinforce our systems and are confident in their resilience. We can also confirm the breach has had no impact on the operational functions of our company,” the statement added.
According to the company, the customer information exposed because of the breach includes names, email addresses, home addresses, and telephone numbers. The company is yet to detect whether sensitive data such as payment details, bank account numbers, and payment data was accessed or stolen because of this breach.
Increase in ransomware attacks
Threat actors have been actively targeting individuals and institutions in ransomware campaigns. Riot Games, one of the largest gaming companies, turned down a ransom demand for $10 million in January this year. The ransom was demanded by threat actors who stole the League of Legends source code.
The company said that it would not pay the ransom demand. It admitted that the breach threatened its build environment and could trigger future issues. However, it noted that the hackers did not access player data or players’ personal information.
The threat actors who managed to access Riot Games systems stole the source code for the League of Legends, one of the most popular games in the industry. The hackers also breached the Teamfight Tactics game and a legacy anti-cheat platform used by the company.
The LockBit hacker group has also threatened to release files that it alleges were stolen from the City of Oakland’s online systems. The hacking group has issued a warning on the dark web that the stolen data would be published within 19 days if the ransom demands are not met.
There is no certainty that this breach has happened or that the hackers accessed the data they purport to release. The LockBit group has previously made false claims related to hacking attacks. For instance, the group alleged to hack Mandiant systems in June last year, but the claim was false.
On the other hand, it would not be the first time hackers are targeting the City of Oakland. Early this month, the city was targeted by a breach attributed to the Play ransomware. The threat actors started releasing reportedly stolen data. The 10GB volume of data contained passports, IDs, confidential documents, and employee information.
Shortly after this attack became public, the city released a statement confirming the breach. It noted that investigations had started into the data leaked online. Mid this month, the city sent letters to the individuals affected by the breach.