Locked Ferrari Hacked: Luxury Automaker Refuses to Pay Ransom for Client Data Held Hostage by Threat Actor

[kameel]

Italian luxury automaker Ferrari has been hacked by an unknown threat actor who has demanded a ransom in exchange for certain client contact details. Ferrari made the announcement of the “cyber incident” on its website recently, stating that its wholly-owned Italian subsidiary was contacted by a threat actor with a ransom demand related to certain client contact details. While Ferrari has refused to pay the ransom as a policy, it has informed its clients of the potential data exposure and the nature of the incident. The company takes the confidentiality of clients seriously and understands the significance of the incident, as its clients most likely represent some of the world's wealthiest individuals given the typical cost of a Ferrari.

The attack has highlighted the fact that ransomware is not just a problem, but a major data loss issue as well, as sensitive data, including client names, addresses, email addresses, and telephone numbers, has been exposed. Cybersecurity firm Halcyon's CEO and Co-founder, Jon Miller, has emphasized that the focus for ransomware operators is to cause as much pain as possible to victim organizations in order to extract the highest payment possible. This means that even if the victim organization pays the ransom, the attackers still have the data and can sell or expose it, or come back to the victim organization and ask for even more money.

Ferrari has immediately started an investigation in collaboration with a leading global third-party cybersecurity firm, once they became aware of the hacker's demands. The automaker has assured its clients that the breach has had no impact on its operations. Even though Ferrari did everything right regarding securing the data and incident response measures, ransomware gangs are intent on stealing data to force victims into paying the ransom demand, causing collateral damage to entities whose sensitive data is exposed. Miller has urged organizations to defeat the attack before hackers can exfiltrate data and disrupt operations to make these attacks unprofitable. In October, Ferrari was hit by a ransomware attack, losing 7GB of data to threat actors.