Ferrari in a spin as crims steal a car-load of customer data
Speeds away from the very suggestion it would ever pay a ransom
Italian automaker Ferrari has warned its well-heeled customers that their personal data may be at risk.
“We regret to inform you of a cyber incident at Ferrari, where a threat actor was able to access a limited number of systems in our IT environment,” opens a letter sent to Ferrari owners, including one Reg reader who was kind enough to share it.
“As part of this incident, certain data relating to our clients was exposed including names, addresses, email addresses and telephone numbers,” the letter continues, before warning: “Your data may have been included as part of this incident.” The letter to customers adds that Ferrari has verified the data dangled before it by whoever demanded the ransom.
That news is nasty, but Ferrari CEO Benedetto Vigna tried to ease the impact by adding “based on our investigation, no payment details and/or bank account numbers and/or other sensitive payment information, nor details of Ferrari cars owned or ordered have been stolen.”
In the letter and a statement dated March 21, Ferrari explained it “was recently contacted by a threat actor with a ransom demand related to certain client contact details.”
The maker of flash motors decided not to cough up a ransom “as paying such demands funds criminal activity and enables threat actors to perpetuate their attacks. Moreover, it does not fundamentally change the data exposure.”
Ferrari therefore decided “the best course of action was to inform our clients and thus we have notified our customers of the potential data exposure and the nature of the incident.”
- Here's how to remotely take over a Ferrari...account, that is
- Alarming: Tesla lawsuit claims collision monitoring system is faulty
- Cancer patient sues hospital after ransomware gang leaks her nude medical photos
- Acer confirms server intrusion after miscreant offers 160GB cache of stolen files
Neither the letter nor statement mention ransomware – just that the attacker has demanded a ransom. But the documents also don’t rule it out, stating “We can also confirm the breach has had no impact on the operational functions of our company.”
However, many criminal gangs are moving beyond the ransomware and information exfiltration model into pure extortion. With technical fixes for malware increasing some have made the move to simply threatening to expose customers and suppliers.
The Register observes that customer data could be held by external entities such as dealers or marketers.
Wherever the data came from, Ferrari stated it has “worked with third party experts to further reinforce our systems and are confident in their resilience.” The automaker has also hired a “leading global third-party cybersecurity firm” and informed the relevant authorities.
Vigna declared himself confident “they will investigate to the full extent of the law.”
Even the cheapest Ferrari costs over $200,000. Whoever is responsible for this incident therefore knows where some cashed-up people live and how to contact them, making the stolen data of considerable value to crooks.
Vigna’s letter to customers ends: “We would like to take this opportunity to apologise sincerely for this event and rest assured we will do everything in our power to regain your trust.”
Just how he’ll do that once some Ferrari owners fall for the inevitable phishing and other scams that follow this incident is even harder to divine than how the Prancing Pony will overhaul Red Bull racing in this year’s Formula One Championship. ®