UK Car Dealer Arnold Clark Suffers Ransomware Attack

UK car dealer Arnold Clark has informed customers that hackers may have stolen their passport and driver’s license data as well as their national insurance numbers and bank account details in a security incident.

Arnold Clark is the UK's largest independently owned, family-run car retailer, operating some 200 dealerships in England and Scotland. It employs around 11,000 staff as of 2020.

The company posted a notice on its website revealing that hackers breached its systems on the evening of Dec. 23, 2022, at which point its IT people “immediately took steps to minimize the impact of the attack by removing all external connections to our network to protect our customer data, third-party partners and our systems.”

Unfortunately, these swift actions weren’t enough, as the attackers managed to obtain personal data such as names, contact details, dates of birth, vehicle information, passports or driver’s licenses, national insurance numbers, and bank account details, according to SecurityWeek.

Play ransomware operators have since taken responsibility for the breach, and have already published troves of information allegedly stolen from the car dealer. The attackers are threatening to make more data public if the company refuses to pay ransom. The data stolen from Arnold Clark’s servers allegedly weighs in at 467GB.

Arnold Clark has set up a dedicated call center with Experian to help those affected. The company is giving them 24 months' worth of free credit monitoring protection with Experian.

In usual data-breach fashion, the dealer has notified authorities and is working with police.

As a result of this attack, Arnold Clark is rebuilding its IT networks in a new segregated environment which, according to the notice, will impact some operations looking forward.