Pendragon, a car dealership group that owns Evans Halshaw, CarStore and Stratstone, has confirmed that its IT servers were hacked by cybercriminals who claimed to have stolen 5% of their data.
according to Timesthe LockBit 3.0 blackmail gang demanded a $60 million worth of cryptocurrency ransom from Pendragon, which operates about 160 showrooms across the UK.
A visit to Lockbit’s leak site on the dark web reveals that the blackmailer has threatened to release files stolen from Pendragon on Saturday, October 29th.
However, Pendragon says it’s not going to be paid for.
Pendragon said it has not had any discussions about paying the ransom to gangs who want it to be paid into Bitcoin wallets. “We refuse to be held hostage by this group and will not demand a ransom,” Chief Marketing Officer Kim Costello said.
Pendragon’s website has protected the outside world updated regularly Regarding response to ransomware attacks.
The company reported the attack to the Information Commissioner’s Office (ICO) and the police, and notified the National Cyber Security Center (NCSC).
Pendragon says the attack did not affect its ability to serve its customers and has since secured its systems.
Interestingly, Pendragon also states that it “successfully obtained an interim injunction against the attackers from the High Court.”
I don’t think a High Court injunction would prevent a data breach by an ‘unknown person’ likely based outside the UK, but I don’t think that’s the main reason they did it. think.
take Injunction Against Intimidator However, it will help Pendragon show their clients that they are doing everything in their power to prevent their information from being leaked, and perhaps help protect the company from future legal action.
Additionally, if those responsible are identified, the existence of an injunction could one day help them seek compensation, perhaps by seizing their assets.
News of the Pendragon cyberattack comes at an inconvenient time for the auto dealer group.it recently Received £400 million takeover offer It is a product of the Swedish car company Hedin Group.
I’m impressed by Pendragon’s refusal to pay the ransom. Cyber blackmailers just continue to blackmail companies that have been hacked.
Did you find this article interesting? Follow Graham Cluley on Twitter To read more about the exclusive content we post.