Auto dealer group Pendragon has refused to pay $60 million to ransomware extortionists.

Pendragon, a car dealership group that owns Evans Halshaw, CarStore and Stratstone, has confirmed that its IT servers were hacked by cybercriminals who claimed to have stolen 5% of their data.

according to Timesthe LockBit 3.0 blackmail gang demanded a $60 million worth of cryptocurrency ransom from Pendragon, which operates about 160 showrooms across the UK.

A visit to Lockbit’s leak site on the dark web reveals that the blackmailer has threatened to release files stolen from Pendragon on Saturday, October 29th.

However, Pendragon says it’s not going to be paid for.

Pendragon said it has not had any discussions about paying the ransom to gangs who want it to be paid into Bitcoin wallets. “We refuse to be held hostage by this group and will not demand a ransom,” Chief Marketing Officer Kim Costello said.

Pendragon’s website has protected the outside world updated regularly Regarding response to ransomware attacks.

The company reported the attack to the Information Commissioner’s Office (ICO) and the police, and notified the National Cyber ​​Security Center (NCSC).

Pendragon says the attack did not affect its ability to serve its customers and has since secured its systems.

sign up for newsletter
Security news, advice and tips.

Interestingly, Pendragon also states that it “successfully obtained an interim injunction against the attackers from the High Court.”

I don’t think a High Court injunction would prevent a data breach by an ‘unknown person’ likely based outside the UK, but I don’t think that’s the main reason they did it. think.

take Injunction Against Intimidator However, it will help Pendragon show their clients that they are doing everything in their power to prevent their information from being leaked, and perhaps help protect the company from future legal action.

Additionally, if those responsible are identified, the existence of an injunction could one day help them seek compensation, perhaps by seizing their assets.

News of the Pendragon cyberattack comes at an inconvenient time for the auto dealer recently Received £400 million takeover offer It is a product of the Swedish car company Hedin Group.

I’m impressed by Pendragon’s refusal to pay the ransom. Cyber ​​blackmailers just continue to blackmail companies that have been hacked.

Did you find this article interesting? Follow Graham Cluley on Twitter To read more about the exclusive content we post.

Graham Cluley is a veteran of the antivirus industry and has worked for many security companies since the early 1990s when he created the first version of Dr. Solomon’s Antivirus Toolkit for Windows. He is now an independent security he is an analyst, makes regular media appearances and gives international lectures on computer he security, hackers and online he privacy. Follow him on Twitter. @gcluleyor drop him an email.



Register now for our membership to gain access to our elite training program and fast forward your career today!


Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ©️ All rights reserved. | Blue Training Academy Blog