Italian luxury sports car maker Ferrari has suffered a data breach and confirmed on Monday that it “was recently contacted by a threat actor with a ransom demand related to certain client contact details,” but that it won’t be paying up.
“Instead, we believed the best course of action was to inform our clients and thus we have notified our customers of the potential data exposure and the nature of the incident,” the company shared.
What is known about this Ferrari data breach?
There is a ransom demand, but there is no mention of ransomware having been deployed on company systems.
“We can also confirm the breach has had no impact on the operational functions of our company,” claims the client communication sent to potentially affected customers and signed by Ferrari CEO Benedetto Vigna.
Unnamed attackers have managed to access a limited number of systems in the company’s IT environment, and certain client data – including names, addresses, email addresses and telephone numbers – was exposed, Vigna shared. Apparently, Ferrari became aware of the breach only after receiving the ransom demand.
Outside experts have been hired to help with the investigation and reinforcement of the company’s systems.
Vigna noted that Ferrari “will not be held to ransom as paying such demands continues to fund criminal activity and enables threat actors to perpetuate their attacks.” Also, he pointed out, paying up would “not fundamentally change the data exposure.”
It is unknown whether this “cyber incident” is related to a previous alleged attack by the RansomEXX ransomware gang, which resulted in 7GB of data – including internal Ferrari documents, datasheets, repair manuals, and more – being leaked online.
At the time, Ferrari told Red Hot Cyber that there was no indication that its systems had been breached, and no evidence of ransomware having been deployed.
What should affected clients do?
“Based on our investigation, no payment details and/or bank account numbers and/or other sensitive payment information, nor details of Ferrari cars owned or ordered have been stolen,” Vigna pointed out.
But the exposed personal and direct contact information could be used by these or other attackers to mount spear-phishing attacks, so Ferrari customers should be extra careful when reviewing emails and answering the phone from now on.