Automotive firm Pendragon reports being hit by the LockBit gang

October 25, 2022
Automotive Pendragon UK LockBit Ransomware Hacker Gang Extortion Data Breach CarStore Evans Halshaw Stratstone

UK’s automotive giant, Pendragon Group, reported a cyberattack from the LockBit ransomware gang, requesting $60 million in exchange for the decryption key and not leaking the firm’s data. The automotive firm has only shared limited details about the incident, but they assured their clients that their operations would remain normal.

The Pendragon Group, one of the largest motor retailers in the UK, owns several luxury car retailers, including CarStore, Evans Halshaw, and Stratstone. The company has been operating for over 30 years and is a trusted partner to numerous automotive organisations worldwide.

 

The automotive firm reported that they had detected suspicious activity in their IT systems and confirmed it to be an attack from a cybercriminal group.

 

Pendragon published a dedicated page on their website to share details about the security incident that affected them. Based on the initial statement, the firm clarified that the incident had not impacted their ability to continue operating, thus continuing their service to customers as normal.

In a separate publication interview, a Pendragon representative revealed that they are looking at the LockBit ransomware gang as the group behind the attack on their IT systems, adding that it happened a month ago.

The automotive firm also said they have been talking with the threat group, which sent samples of the stolen files as proof. However, Pendragon has refused to engage in negotiations after being asked for a $60 million ransom in exchange for the safety of their compromised file and a decryption key.

Up to now, the firm stands firm on not paying any amount to the LockBit gang. They immediately raised the incident to UK authorities and the Data Protection Office to aid them in investigating and addressing the incident.

The initial results from the investigations show that the ransomware group had compromised and stolen only 5% of Pendragon’s database. The prompt action of law enforcement agencies has made it possible for the automotive firm to control the incident and not commit sudden decisions.

The firm has not provided more details about the incident, and the researchers could only rely on the dedicated page published for the security incident’s updates, with the most recent on October 21, stating that they have successfully obtained an interim injunction from the High Court against the culprit ransomware group.

About the author

Leave a Reply