{"id":604157,"date":"2023-02-03T07:49:16","date_gmt":"2023-02-03T13:49:16","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/02\/03\/arnold-clark-customer-data-was-stolen-in-play-ransomware-attack\/"},"modified":"2023-02-03T07:49:16","modified_gmt":"2023-02-03T13:49:16","slug":"arnold-clark-customer-data-was-stolen-in-play-ransomware-attack","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/02\/03\/arnold-clark-customer-data-was-stolen-in-play-ransomware-attack\/","title":{"rendered":"Arnold Clark customer data was stolen in Play ransomware attack"},"content":{"rendered":"<div id=\"content-header\">\n<h2>Arnold Clark confirms data leaked on dark web was stolen from its systems in ransomware attack<\/h2>\n<\/div>\n<div id=\"content-center\">\n<ul>\n<li><i data-icon=\"1\"><\/i><\/li>\n<li><i data-icon=\"2\"><\/i><\/li>\n<\/ul>\n<div id=\"contributors-block\">\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"Alex Scroxton\">\n\t\t\t\t\t<\/p>\n<p><span>By<\/span><\/p>\n<ul>\n<li>\n\t\t\t\t\t<a href=\"https:\/\/www.techtarget.com\/contributor\/Alex-Scroxton\">Alex Scroxton,<\/a><br \/>\n\t\t\t\t\t\t<span>Security Editor<\/span>\n\t\t\t\t\t\t<\/li>\n<\/ul>\n<p>\n\tPublished: <span>02 Feb 2023 11:15<\/span>\n<\/p>\n<\/div>\n<section id=\"content-body\">\n<p>Car dealer Arnold Clark is writing to a number of customers to inform them their personal data was stolen in a cyber attack claimed <a href=\"https:\/\/www.computerweekly.com\/news\/252529566\/Arnold-Clark-cyber-attack-claimed-by-Play-ransomware-gang\">by the increasingly prolific Play ransomware operation<\/a>.<\/p>\n<p>The 15GB data dump was posted to the <a href=\"https:\/\/www.techtarget.com\/whatis\/definition\/dark-web\">dark web<\/a> by an individual associated with the <a href=\"https:\/\/www.techtarget.com\/searchsecurity\/news\/252528594\/Play-ransomware-actors-bypass-ProxyNotShell-mitigations\">Play ransomware cartel<\/a>, and is now understood to include names, contact details, dates of birth, vehicle details, ID documents including licences and passports, National Insurance numbers and bank account details.<\/p>\n<p>Glasgow-based <a href=\"https:\/\/www.arnoldclark.com\/\">Arnold Clark<\/a>, which is one of Europe\u2019s largest family-run car sales networks, had previously said it believed it had been successful at protecting customer data, but it has now discovered this was not the case.<\/p>\n<p>\u201cWhile we were initially advised that all our data was secure, unfortunately, in the course of our investigation, it has become clear that during this incident, the attackers were able to steal copies of some data that we hold,\u201d the organisation said in a statement.<\/p>\n<p>\u201cWhile this crime and theft of data has been targeted towards Arnold Clark, we recognise the impact this could have on our partners and customers. We take their safety and the safety of their data very seriously.\u201d<\/p>\n<p>Besides writing to all affected and potentially affected customers, Arnold Clark has also stood up a dedicated contact centre to assist customers, and will be offering two years\u2019 worth of free fraud and credit protection services via Experian.<\/p>\n<p>The attack on Arnold Clark took place before Christmas on the evening of 23 December, and forced staff to fall back on pen and paper to record customer transactions after they were locked out of their computers. Customers who had been due to collect new vehicles were also left unable to do so.<\/p>\n<p>Arnold Clark added that as a result of the incident it is now rebuilding its networks in a new segregated environment. This may be taken as an indication that it has refused to negotiate or pay a ransom, although this is unconfirmed. For the time being, this means its operational systems are not yet fully functional, so customers may still experience some inconvenience.<\/p>\n<p>The firm additionally confirmed it is in contact with regulatory authorities including the <a href=\"https:\/\/ico.org.uk\/\">Information Commissioner\u2019s Office<\/a>. Given the apparent scale of the data breach that has unfolded, the incident carries the potential for large fines under the scope of the UK General Data Protection Regulation and the possibility of group legal actions from customers.<\/p>\n<section data-menu-title=\"Phishing risk\">\n<h3><i data-icon=\"1\"><\/i>Phishing risk<\/h3>\n<p>The volume and type of data stolen will be of immense value to cyber criminals, and in the near-term future puts Arnold Clark\u2019s customers at significantly elevated risk of falling victim not to the Play ransomware itself, but to follow-on <a href=\"https:\/\/www.techtarget.com\/searchsecurity\/definition\/phishing\">phishing attacks<\/a> by opportunists.<\/p>\n<p>Those who may be affected should be aware of unusual or suspicious-looking emails from addresses they do not know and trust, and in particular should never open any unsolicited attachments or click on any links in them.<\/p>\n<p>The UK\u2019s National Cyber Security Centre has published thorough guidance on how to recognise and report phishing emails, <a href=\"https:\/\/www.ncsc.gov.uk\/collection\/phishing-scams\">which can be read here<\/a>.<\/p>\n<\/section>\n<\/section>\n<section id=\"DigDeeperSplash\">\n<h4>\n\t\t\t<i data-icon=\"m\"><\/i>Read more on Data breach incident management and recovery<\/h4>\n<ul>\n<li><a id=\"DigDeeperItem-1\" href=\"https:\/\/www.computerweekly.com\/news\/365529954\/Royal-Mail-recovers-more-International-Tracked-services\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero Images\/Royal-Mail-postbox-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Royal-Mail-postbox-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Royal-Mail-postbox-adobe.jpg 1280w\" alt ><\/p>\n<h5>Royal Mail recovers more International Tracked services<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-2\" href=\"https:\/\/www.computerweekly.com\/news\/365529892\/Data-of-10-million-JD-Sports-customers-accessed-in-cyber-attack\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero Images\/online-shopping-retail-laptop-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/online-shopping-retail-laptop-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/online-shopping-retail-laptop-adobe.jpeg 1280w\" alt ><\/p>\n<h5>Data of 10 million JD Sports customers accessed in cyber attack<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-3\" href=\"https:\/\/www.computerweekly.com\/news\/252529648\/Hive-ransomware-gang-taken-down-after-FBI-hacks-back\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/malware-ransomware-danger-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/malware-ransomware-danger-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/malware-ransomware-danger-adobe.jpg 1280w\" alt ><\/p>\n<h5>Hive ransomware gang taken down after FBI hacks back<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-4\" href=\"https:\/\/www.computerweekly.com\/news\/252529566\/Arnold-Clark-cyber-attack-claimed-by-Play-ransomware-gang\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Car-vehicle-park-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Car-vehicle-park-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Car-vehicle-park-adobe.jpg 1280w\" alt ><\/p>\n<h5>Arnold Clark cyber attack claimed by Play ransomware gang<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<\/ul>\n<\/section>\n<\/div>\n<p><a href=\"https:\/\/www.computerweekly.com\/news\/365530199\/Arnold-Clark-customer-data-was-stolen-in-Play-ransomware-attack\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Lawanda Geddes<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Arnold Clark confirms data leaked on dark web was stolen from its systems in ransomware attack By Alex Scroxton, Security Editor Published: 02 Feb 2023 11:15 Car dealer Arnold Clark is writing to a number of customers to inform them their personal data was stolen in a cyber attack claimed by the increasingly prolific Play<\/p>\n","protected":false},"author":1,"featured_media":604158,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1288,2647,46],"tags":[],"class_list":{"0":"post-604157","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-arnold","8":"category-clark","9":"category-technology"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/604157","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=604157"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/604157\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/604158"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=604157"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=604157"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=604157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}