Pendragon automotive supplier refuses $60 million LockBit ransomware demand

Largest car dealer in U.K. breached by LockBit ransomware gang

Pendragon Group, with greater than 200 automotive dealerships within the U.Okay., was breached in a cyberattack from the LockBit ransomware gang, who allegedly demanded $60 million to decrypt recordsdata and never leak them.

Pendragon owns CarStore, Evans Halshaw, and Stratstone luxurious automotive retailer, that promote manufacturers automobiles for all budgets, from Jaguar, Porsche, Ferrari, Mercedes-Benz, BMW, Land Rover, or Aston Martin, to Renault, Ford, Hyundai, Nissan, Peugeot, Vauxhall, Citroen, DS, Dacia, and DAF.

Pendragon didn’t present many particulars in regards to the safety incident and restricted the knowledge to saying that there is no such thing as a influence on operations.

“We’ve recognized suspicious exercise on a part of our IT methods and have confirmed we skilled an IT safety incident,” Pendragon says within the safety announcement.

“This has not affected our capability to function, and we proceed to service our prospects and communities as regular” – Pendragon

Nevertheless, in an interview for The Instances publication on Friday, the corporate chief advertising and marketing officer, Kim Costello, pointed to LockBit rasnsomware gang because the perpetrator and stated that the assault occurred a couple of month in the past.

In keeping with Costello, the corporate has been in touch with the hackers and obtained stolen recordsdata as proof of the breach however didn’t interact in negotiations.

The hackers requested for “tens of thousands and thousands of {dollars} earlier than a deadline” beneath the specter of publishing stolen knowledge, Costello added. In keeping with the U.Okay. publication, the LockBit requested for a $60 million ransom.

The corporate spokesperson stated that Pendragon stands agency on its choice to not pay the hackers.

After discovering the assault, Pendragon reported the incident to regulation enforcement within the U.Okay. in addition to to the nation’s knowledge safety workplace.

Pendragon’s spokesperson additionally clarified that the corporate’s IT staff reacted instantly to the assault. Outcomes from the investigation confirmed that the hackers stole solely 5% of the database.

BleepingComputer contacted the corporate for more information in regards to the stolen knowledge and the influence it might have if the hackers leak it however obtained no response at publishing time.

LockBit’s assault on Pendragon comes across the time the U.Okay. automotive supplier obtained a takeover provide of £400 million from the Sweden-based Hedin Mobility Group.

Leave a Comment