Ferrari targeted in ransomware attack, personal data relating to clients “exposed”

"Certain data" of Ferrari S.p.A clients, including telephone numbers, were exposed in a data breach. The company were also contacted with a ransom demand.

Ferrari targeted in ransomware attack, personal data relating to clients “exposed”

Ferrari

Ferrari can’t seem to catch a break lately. There was the Bahrain GP, of course, where the race pace was disappointing. And then, to pile on the misery, Charles Leclerc retired from a control electronics issue that had never been seen on the dyno before that day. In Jeddah, the season ultimately did not end up getting any better for them, even though (at least) both cars finished the race. However, the one-lap pace on both occasions, especially for Leclerc in Jeddah, was very encouraging.

During the early stages of the Saudi Arabian GP, with Carlos Sainz on mediums and Leclerc having a lightning start on the softs, things looked reasonably okay for Ferrari. But when they switched to hard tires, the pace dropped off massively. To add to their troubles, a safety car came out due to Lance Stroll’s retirement on lap 18. Both Ferrari cars had pitted recently. This meant their rivals got a cheap pit stop. This, combined with disappointing pace on the hard tires, unraveled their race.

Off-track too, things don’t look great. There were many rumors floating around of tension in Maranello after the Bahrain GP, and of a potential Leclerc-Lewis Hamilton swap deal. Now, recently, they’ve even been subject to a ransomware attack, where: “As part of this incident, certain data relating to our clients was exposed including names, addresses, email addresses and telephone numbers.” as revealed in a letter sent to Ferrari owners by the Italian company, as per Firstpost.

Read More: Frederic Vasseur frustrated with Ferrari’s inability to maintain “maximum potential

Ferrari refuse to be “held to ransom”

Ferrari
Ferrari

The good thing, as confirmed by Ferrari CEO Benedetto Vigna, is that: “based on our investigation, no payment details and/or bank account numbers and/or other sensitive payment information, nor details of Ferrari cars owned or ordered have been stolen.” This should alleviate at least some stress for the clients, though this is obviously not a good situation.

A statement released by Ferrari reads: “Ferrari N.V. announces that Ferrari S.p.A., its wholly-owned Italian subsidiary, was recently contacted by a threat actor with a ransom demand related to certain client contact details. Upon receipt of the ransom demand, we immediately started an investigation in collaboration with a leading global third-party cybersecurity firm. In addition, we informed the relevant authorities and are confident they will investigate to the full extent of the law.”

It continues: “As a policy, Ferrari will not be held to ransom as paying such demands funds criminal activity and enables threat actors to perpetuate their attacks. Instead, we believed the best course of action was to inform our clients and thus we have notified our customers of the potential data exposure and the nature of the incident. Ferrari takes the confidentiality of our clients very seriously and understands the significance of this incident.”

In addition, Ferrari confirm that the breach had no impact on the “operational functions” of the Italian company. They have also worked with “third-party experts” to reinforce their systems, and are confident in them. It’ll be interesting to see how this develops, and if the people responsible for the ransom demand will be apprehended.

In case you missed it: