The confidential data of customers stolen from Arnold Clark, one of the largest car dealerships of Great Britain, were posted on the network by a group of extortionists Play.
January 3, representatives of Arnold Clark said on Twitter that they defended customer data after they found suspicious traffic on their network back in December, although they did not specify the nature of the attack. “Our priority was to protect the data of our customers, our systems and our third -party partners,” the company said.
However, later the Play group itself confirmed on its website that I abducted the information from Arnold Clark. The merged data include national insurance numbers and passport data, as well as the addresses and numbers of customer phone numbers. Bank statements and documents on financing cars for customers from a particular city of Glasgow were also published. It is assumed that the leakage includes data belonging to private and corporate clients.
More than 11,000 people in 193 dealerships operate in Arnold Clark. Representatives of the company said that the attack caused a temporary failure in business and apologized for the inconvenience. The complete influence of the incident on the company’s activities is still unclear.
“Our external security partners are now conducting an extensive test of our entire IT network and infrastructure, which is a giant task. They give recommendations to our IT group to re-include our network and systems in a safe and secure mode, in stages,”- It is said in the company of the company dated January 3.
ARNOLD CLARK statement on Twitter, January 3
As of Monday morning, the Arnold Clark news department, which usually regularly publishes new messages, has not been updated for more than a month . The last post was made on December 20, before the incident was discovered.
The British company was not the only purpose of Play in December. It also got a large hosting provider Rackspace and the whole Belgian city of Antwerp.