Ferrari's CEO, Benedetto Vigna, sent a letter to the affected customers informing them of the cyber incident. The carmaker admitted that a threat actor had been able to access some of the systems in its IT environment. The company said that it had investigated the attack and found that no payment information or details of Ferrari cars owned or ordered had been stolen. However, the company cannot determine whether the data was exfiltrated, given that it's not clear if the carmaker has the technical ability to detect data exfiltration.
Data breach at @Ferrari. Ransom demand, inevitably with the threat of disclosure. Anyone know which crew was behind this? pic.twitter.com/x7QTdlwOpO
— Troy Hunt (@troyhunt) March 20, 2023
Ferrari has not confirmed the number of customers affected by the breach or how and when the company was compromised. The company has not responded to journalists' questions regarding the incident. However, a ransomware group called "RansomEXX" claimed to have breached Ferrari in October 2022, but Ferrari denied the claim at the time. Recently, a listing on the RansomEXX website indicated that the group had stolen seven gigabytes of data from Ferrari, including internal documents, data sheets, and repair manuals. It remains unclear if the two incidents are connected.
Vigna confirmed that Ferrari has not paid the ransom demand of the unnamed hackers, saying that doing so would not fundamentally change the data exposure. The company hired a third-party cybersecurity firm to investigate the breach after receiving the ransom demand, the amount of which remains undisclosed.
"We can also confirm the breach has had no impact on the operational functions of our company," Ferrari said in a separate statement.
Source: TechCrunch