Ferrari, the Italian luxury sports car maker, has disclosed a data breach incident today – affecting the PII of some of its clients.
The compromised information includes names, addresses, email IDs, and telephone numbers, while there’s no evidence of the leak of their payment data or other sensitive details.
The company says it’s investigating the incident to learn more and has decided not to pay the threat actor’s ransom demand.
Compromising a Luxury Car Maker
Ferrari is one of the most popular names in the premium car-making space, where most of its offerings are aimed at racing. It also sells cars to the premium community, which has led the company to build a database of all these clients’ data.
Today, Ferrari says that a threat actor has compromised this data by hitting a part of its IT systems, affecting some of its clients. In its disclosure, Ferrari said PII such as customer names, addresses, email IDs, and telephone numbers was compromised in this breach, while there’s no evidence of a leak of more sensitive details like SSN or payment details.
Data breach at @Ferrari. Ransom demand, inevitably with the threat of disclosure. Anyone know which crew was behind this? pic.twitter.com/x7QTdlwOpO
— Troy Hunt (@troyhunt) March 20, 2023
After discovering the attack, Ferrari immediately secured its compromised systems and informed the relevant authorities. Now investigating with a third-party cybersecurity firm, Ferrari said it would not pay the threat actors, as paying would support their illegal cyber activity. Instead,
“We believed the best course of action was to inform our clients, and thus we have notified our customers of the potential data exposure and the nature of the incident.”
While Ferrari says the incident didn’t disrupt any of its operations, it could damage the company’s reputation on various counts. For one, this is the second similar data breach incident in six months, with the first reported in October 2022, when the company was hit by RansomEXX.
That ransomware group held 7GB of Ferrari’s internal documents, such as data sheets, repair manuals, etc., and demanded a ransom in exchange for not leaking them. Security researchers are now investigating to find who’s responsible for this latest attack.