Cyber Security

Pendragon car dealer refuses $60 million LockBit ransomware demand

Published

on

Pendragon Group, with more than 200 car dealerships in the U.K., was breached in a cyberattack from the LockBit ransomware gang, who allegedly demanded $60 million to decrypt files and not leak them.

Pendragon owns CarStore, Evans Halshaw, and Stratstone luxury car retailer, that sell brands cars for all budgets, from Jaguar, Porsche, Ferrari, Mercedes-Benz, BMW, Land Rover, or Aston Martin, to Renault, Ford, Hyundai, Nissan, Peugeot, Vauxhall, Citroen, DS, Dacia, and DAF.

Pendragon did not provide many details about the security incident and limited the information to saying that there is no impact on operations.

“We have identified suspicious activity on part of our IT systems and have confirmed we experienced an IT security incident,” Pendragon says in the security announcement.

“This has not affected our ability to operate, and we continue to service our customers and communities as normal” – Pendragon

However, in an interview for The Times publication on Friday, the company chief marketing officer, Kim Costello, pointed to LockBit rasnsomware gang as the culprit and said that the attack happened about a month ago.

According to Costello, the company has been in contact with the hackers and received stolen files as proof of the breach but did not engage in negotiations.

The hackers asked for “tens of millions of dollars before a deadline” under the threat of publishing stolen data, Costello added. According to the U.K. publication, the LockBit asked for a $60 million ransom.

The company spokesperson said that Pendragon stands firm on its decision to not pay the hackers.

After discovering the attack, Pendragon reported the incident to law enforcement in the U.K. as well as to the country’s data protection office.

Pendragon’s spokesperson also clarified that the company’s IT team reacted immediately to the attack. Results from the investigation showed that the hackers stole only 5% of the database.

BleepingComputer contacted the company for more info about the stolen data and the impact it would have if the hackers leak it but received no response at publishing time.

LockBit’s attack on Pendragon comes around the time the U.K. car dealer received a takeover offer of £400 million from the Sweden-based Hedin Mobility Group.

Source: https://www.bleepingcomputer.com/news/security/pendragon-car-dealer-refuses-60-million-lockbit-ransomware-demand/

Click to comment
Exit mobile version