Ferrari has disclosed a data breach following a ransom demand received after attackers gained access to some of the company’s IT systems. “We regret to inform you of a cyber incident at Ferrari, where a threat actor was able to access a limited number of systems in our IT environment,” Ferrari says in breach notification letters sent to customers. While Italian luxury sports car maker said the attackers gained access to its network and the attackers demanded a ransom not to leak data stolen from its systems, Ferrari is yet to disclose if this was a ransomware attack or just an extortion attempt. “Ferrari N.V. announces that Ferrari S.p.A., its wholly-owned Italian subsidiary, was recently contacted by a threat actor with a ransom demand related to certain client contact details,” the company said in a statement. “Upon receipt of the ransom demand, we immediately started an investigation in collaboration with a leading global third-party cybersecurity firm.” Ferrari says customer information exposed in the incident includes names, addresses, email addresses, and telephone numbers. So far, Ferrari is yet to find evidence that payment details, bank account numbers, or other sensitive payment information was accessed or stolen.
Analyst Notes
All affected customers are recommended to change their login credentials on the Ferrari site to a unique and complex password. With the possibility of financial information leak, it is also recommended that customers monitor their banking information for unusual activity. It would also be prudent to enable credit monitoring services to further protect themselves from fraud.
https://www.bleepingcomputer.com/news/security/ferrari-discloses-data-breach-after-receiving-ransom-demand/
