Italian luxury sports car maker Ferrari has been hit by a ransomware attack that has led to sensitive customer data being stolen.
A press release posted on Ferrari’s website, as well as an email sent by the company to affected customers, confirmed that following a cyber incident, Ferrari’s Italian subsidiary was contacted by a threatening actor, demanding payment of the ransom demand.
“Upon receipt of the ransom demand, we immediately launched an investigation in collaboration with a global leader in cybersecurity. In addition, we have informed the relevant authorities and we are confident that they will investigate the full extent of the law.
There is no impact on operations
Elsewhere in the release, Ferrari said he would not make any payments, as that would incentivize the attackers more and give them money for additional attacks.
“Instead, we thought the best course of action was to inform our customers, and so we have notified our customers of the potential data exposure and the nature of the incident,” she added.
In the notification sent to Ferrari customers, the company said that an attacker “was able to gain access to a limited number of systems in our IT environment.” The data the hackers took includes sensitive information such as names, postal addresses, email addresses, and phone numbers. Payment details, bank account numbers or other sensitive payment information are likely to be safe, as there is no evidence (yet) that they were taken either.
Ferrari concluded the notification by saying that the attack did not affect its operations in any way.
> What is ransomware and how does it work?
> What are the different types of ransomware?
> These are the best privacy tools out there right now
While the company’s move is commendable, there are some details left out, such as the name of the threatening actor behind the attack, and whether or not this had anything to do with the recent GoAnywhere MFT failure. Moreover, the company did not say how much money the attackers are asking for the data.
- Below is a list of the best endpoint security services today