Car Dealership Hit by Major Ransomware Attack

  • One of the UK’s largest family-run car dealerships has admitted suffering a serious ransomware attack last month, which resulted in data theft and the damage “beyond repair” of some core systems.

    Stoke-on-Trent-based Holdcroft Motor Group was hit with a ransom demand after hackers stole two years’ worth of data including staff information.

    “On Thursday July 28 2022 the company was the victim of a serious cyber-attack which has caused significant damage to the company’s IT infrastructure and has also resulted in the loss of data from our internal storage areas,” read an internal email seen by StokeonTrentLive.

    “Following internal investigations it has been confirmed that some of the data that has been compromised may contain employee personal data.”

    Staffordshire Police, the National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO) have apparently been called in to investigate what happened.

    Although most systems are now back up and running, and the core dealer management system which hosts customer data was unaffected, the firm admitted some infrastructure had been damaged.

    “We have now managed to resolve the majority of the access issues that employees have been experiencing, although some of our core systems have been damaged beyond repair or have been permanently deleted,” the statement continued.

    Employees are reportedly being urged not to access personal sites from their work computers and to change any passwords on their personal accounts. They remain on high alert for any further suspicious activity.

    Car dealers are an increasingly popular target for ransomware actors, given the large amounts of customer personal and financial information they process.

    In April this year, a serious cyber-attack hit the UK-wide TrustFord dealership, while in March, over 100 current and former employees of LSH Auto began legal proceedings against the firm after being left in the dark following a major data breach.