Ferrari, the Italian sports car manufacturer, has issued a warning to its affluent clientele that their data may have been compromised. This is after the company admitted it was the target of a recent ransomware attack.
Letter to Clients
"We regret to inform you of a cyber incident at Ferrari, where a threat actor was able to access a limited number of systems in our IT environment," Ferrari wrote in a letter sent to its clients, which The Register obtained.
The message goes on to say, "Your data may have been included as part of this incident," implying that the breach may have revealed personal information about their customers. These personal data include full names, home addresses, email addresses, and contact numbers.
The notice to consumers also states that Ferrari has already confirmed the ransom demand details.
In an effort to soften the blow, Ferrari CEO Benedetto Vigna said that neither payment details nor bank account numbers nor other sensitive payment information, nor details of Ferrari automobiles owned or ordered have been taken, based on their investigation.
Impact Assessment
In a recent news article posted by Ferrari, the company has been approached by a threat actor with a ransom demand linked to specific customer contact data. Ferrari is remaining silent on the scope of the breach, including the date and method of the company's exposure.
As funding such demands fuels criminal activity and allows threat actors to sustain their attacks, the Italian automaker has opted not to pay the ransom. Not only that, but paying them does not significantly alter the data's sensitivity.
As a result, Ferrari concluded that the proper course of action was to tell their customers. Thus, the company has notified its customers of the possible data exposure and the nature of the issue.
There is no mention of ransomware in either the message or the statement, just that the attacker is seeking payment. Even while the firm affirms that the compromise has had no influence on the operating activities of their organization, this does not rule out the possibility.
Although ransomware and data exfiltration has become commonplace, many cybercriminal gangs have shifted their focus to outright extortion. As the number of technological solutions for malware grows, some have resorted to just threatening to disclose customer and supplier data.
The culprit knows where some wealthy individuals reside and how to reach them. The Register believes this makes the stolen info valuable to the criminals.
Another Cyberattack?
It is not clear whether this incident is related to one in October 2022, when a ransomware gang called RansomEXX claimed to have infiltrated the automaker's database. Ferrari, however, strongly disputed these allegations.
TechCrunch previously reported that seven gigabytes of Ferrari data containing corporate papers, data sheets, and maintenance instructions have been listed on the RansomEXX website.