Ferrari discloses data breach after receiving ransom demand

[Gandalf_The_Grey]

Content source

https://www.bleepingcomputer.com/news/security/ferrari-discloses-data-breach-after-receiving-ransom-demand/

Ferrari has disclosed a data breach following a ransom demand received after attackers gained access to some of the company's IT systems.

"We regret to inform you of a cyber incident at Ferrari, where a threat actor was able to access a limited number of systems in our IT environment," Ferrari says in breach notification letters sent to customers.

The Italian luxury sports car maker says customer information exposed in the incident includes names, addresses, email addresses, and telephone numbers.

So far, Ferrari is yet to find evidence that payment details, bank account numbers, or other sensitive payment information was accessed or stolen.

"Ferrari N.V. announces that Ferrari S.p.A., its wholly-owned Italian subsidiary, was recently contacted by a threat actor with a ransom demand related to certain client contact details," the company said in a statement.

"Upon receipt of the ransom demand, we immediately started an investigation in collaboration with a leading global third-party cybersecurity firm."

Ferrari discloses data breach after receiving ransom demand

Ferrari has disclosed a data breach following a ransom demand received after attackers gained access to some of the company's IT systems.

www.bleepingcomputer.com

 

[upnorth]

Yikes, a third time now that officially been reported since they switched AV vendor.

 

[plat]

A little more news and official correspondence from Ferrari. They speculate it's the RansomEXX group if you scroll down a bit in the thread. There was a lot of data stolen, it seems.

Spoiler

Edit: Ferrari's correspondence was already posted in the OP's Bleeping article. This just adds a little more info.

 

[SeriousHoax]

When they were breached before (the first/second time), Bitdefender said that Ferrari haven't switched to Bitdefender yet. So back then they were still using Kaspersky. But this time, I'm guessing it has to be Bitdefender.
That's twice under two different security vendors.
So the security provider is probably not the weakest link here. We can't know more unless they share more details.

 

[ScandinavianFish]

These companies never learn do they, to never rely on endpoint-based protection, rather focus pretty much entirely on identity based protection.

 

[ForgottenSeer 98186]

Yikes, a third time now that officially been reported since they switched AV vendor.

That's twice under two different security vendors.
So the security provider is probably not the weakest link here. We can't know more unless they share more details.

Kaspersky and Bitdefender are not infallible. Lots of people expect both to provide perfect security in enterprise environments and just ain't true.

The article leaves out the most important details of all - how did the threat actors gain access?

These companies never learn do they, to never rely on endpoint-based protection, rather focus pretty much entirely on identity based protection.

It takes network, identity and endpoint protections. While Ferrari is filthy rich, there's no infos on its complete digital protections. They just aren't using endpoint protections. There is network security too.