Menu
This week, the self-described as Europe’s largest independent car retailer, Arnold Clark notified some of its customers that their personal information was stolen in a cyber attack on the 23rd of December 2022 that was claimed by the Play ransomware group. It is believed that the stolen data includes ID information and banking details. In response to the cyber attack, Arnold Clark’s systems were disconnected from external networks to limit the threat actors’ access to the network.
“During this incident, it appears that some personal data stored in our network may have been stolen, including names, contact details, dates of birth, vehicle details, ID documents (such as passports and driver’s licenses), National Insurance numbers (in limited cases) and bank account details” – Arnold Clark.
Arnold Clark has already started an investigation into the incident with its security team and external consultants to establish the extent and the nature of the information that was exfiltrated from its systems. Arnold Clark also notified the police and relevant authorities, including the UK Information Commissioner’s Officer, about this security breach.
Affected customers were advised to be wary of potential phishing attacks targeting them due to this breach and not to open attachments or click links embedded in suspicious-looking emails.
NCSC Threat Reports Feed© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.
