Italian luxury sports car maker Ferrari has revealed that it received a ransom demand related to customer contact details that may have been compromised in a ransomware attack. In a statement released on March 20, Ferrari said that it immediately began an investigation in collaboration with a leading cybersecurity firm upon receipt of the ransom demand. It also informed the relevant authorities and expressed confidence that they would investigate the incident to the fullest extent of the law.

While Ferrari did not specify when the attack occurred, it may be related to reports of a ransomware attack in October 2022, when the RansomEXX group claimed to have stolen and leaked 7 GB of data from Ferrari. The car maker denied the claims at the time.

“As a policy, Ferrari will not be held to ransom as paying such demands funds criminal activity and enables threat actors to perpetuate their attacks,” Ferrari stated. “Instead, we believed the best course of action was to inform our clients and thus we have notified our customers of the potential data exposure and the nature of the incident.”

The company has contacted its customers via email, informing them that the exposed information includes their name, address, email address, and phone number. Ferrari has not found any evidence that financial information or details on owned or ordered cars have been compromised.

Because Ferrari sells one of the most expensive car lineups in the world, a contact list of its wealthy customers is very attractive to cybercriminals. They could use the information to customize malicious, targeted emails.

Ferrari has confirmed that the breach has not affected the operational functions of the company and that it has worked with “third-party experts” to strengthen its system security. The company did not mention RansomEXX in its statement, but the ransomware gang has been linked to several other attacks, including those on logistics giant Hellmann Worldwide and software and services firm Tyler Technologies.

Ferrari’s stance on not paying ransoms is in line with industry best practices, which discourage organizations from funding cybercriminals. However, refusing to pay can lead to the exposure of sensitive information, which can damage a company’s reputation and lead to legal repercussions. As such, it is essential that organizations take steps to secure their systems and protect their data from cyber threats.