One of the unspoken risks of having modern cars is that hackers could break into the vehicles without warning. Surprisingly, even car retailers actually run the same risk, as proven by what happened to Arnold Clark Automobiles, a big UK motor dealership.
Arnold Clark has over 200 dealerships in England and Scotland, with vehicles from more than 25 automakers on sale. On December 23, 2022. The company was struck by a cyberattack in which the hackers may have obtained its customers’ personal details.
If it’s true, then the hackers will know data such as names, dates of birth, contact and car information, passports or driver’s licenses, bank account details, and national insurance numbers.
This case is still under investigation, with Arnold Clark trying to find out the exact scope and characteristics of the stolen information. Nonetheless, affected customers are already being offered free web and credit monitoring services for two years via Experian.
The Play ransomware group has claimed responsibility for the cyberattack on its dark web site. At least, 31 archive files of roughly 15GB have been published by the hackers. They threatened to release more if Arnold Clark doesn’t pay up.
Play claims to have extracted “private and personal data”, including financial documents, passport and ID copies, leasing contracts, agreements, and confidential contracts.
Automotive News Magazine 