Ferrari recently confirmed via a public announcement it was hit by a ransomware-based cyberattack that exposed information related to its customers. “Certain data relating to our clients was exposed, including names, addresses, email addresses, and telephone numbers,” Chief Executive Officer Benedetto Vigna wrote in a letter sent to all Ferrari customers. Ferrari claims that more sensitive details, such as payment data, bank account numbers, and information related to Ferrari cars owned or ordered, have not been leaked in this cyberattack. This is the second time in a year the iconic Italian automaker has been the victim of a ransomware attack. In late 2022, a group known as RansomEXX managed to steal 7GB of private data from Ferrari.
Ferrari says it has received a ransom demand for the latest data breach from “a threat actor” and an investigation has been launched with the help of “a leading global third-party cybersecurity firm” along with alerting the relevant authorities. The company said it will not succumb to the hacker’s demands as they fund criminal activity and enable more attacks. “As a policy, Ferrari will not be held to ransom, as paying such demands funds criminal activity and enables threat actors to perpetuate their attacks,” the Italian marque said. “Instead, we believed the best course of action was to inform our clients and thus we have notified our customers of the potential data exposure and the nature of the incident.”
Unfortunately, such cyberattacks are becoming more prevalent and threatening. Automobile manufacturers such as Volvo, Toyota, Nissan, General Motors, and Honda have all faced similar ransomware attacks. The attack on Honda was so severe that it even had to temporarily cease production in some of the North American factories. Thankfully, Ferrari claims the breach has had no impact on operations.