Ferrari confirmed this week that it had been the victim of a “cyber incident,” and was contacted by hackers who made a ransom demand. The automaker said it would not pay the ransom, and has instead begun an investigation into the crime.
“As a policy, Ferrari will not be held to ransom as paying such demands funds criminal activity and enables threat actors to perpetuate their attacks,” Ferrari wrote in a statement. “Upon receipt of the ransom demand, we immediately started an investigation in collaboration with a leading global third-party cybersecurity firm. In addition, we informed the relevant authorities and are confident they will investigate to the full extent of the law.”
In a letter to customers seen by Computer Weekly, Ferrari CEO Benedetto Vigna wrote that hackers may have gained access to the names, addresses, email addresses, and telephone numbers of customers.
He wrote, however, that based on its investigation, the cyberattackers had not managed to find data pertaining to customers’ financial information or the vehicles they own. So far, the organization behind the cyberattack has not been identified.
Read: Researchers Hack Ferraris, Rolls-Royces, And Other Luxury Vehicles
Cybersecurity experts have applauded Ferrari’s response to the breach, agreeing that bowing to ransom demands helps fund hackers, and is no guarantee that the stolen data will be surrendered.
However, there is still cause for concern among Ferrari customers, since stolen data like this can be sold on the dark web and used to commit further crimes, such as identity theft and fraud, which seem enticing given the typical Ferrari owner’s net worth.
Ferrari is no stranger to cyberattacks, having been targeted as recently as October 2022 by the group RansomEXX, reports Jalopnik. At that time, nearly seven gigabytes of repair manuals, datasheets, and other documents were stolen. It is not clear if the same group is behind this most recent ransom attempt.
Automakers have recently become a bigger target for hackers as they seek to digitize their vehicles and add more connected features. Despite that, a recent Automotive News report indicates that the industry is among the cheapest when it comes to paying white-hat hackers to help them find cyber vulnerabilities.
Ferrari, however, is now partnered with a leading third-party cybersecurity firm, and says that it is taking this incident very seriously. It adds that its day-to-day operations have not been impacted by the hack.