conti attacks TRUSTFORD

Incident Date:

April 4, 2022

World map

Overview

Title

conti attacks TRUSTFORD

Victim

TRUSTFORD

Attacker

Conti

Location

Sidcup Rd, United Kingdom

London SAQ, United Kingdom

First Reported

April 4, 2022

TrustFord, a UK-based Retail Sector Company, Suffers Ransomware Attack by Conti Group

Company Overview

TrustFord is a significant player in the UK's retail sector, specializing in Ford New & Used Cars, Servicing, Repairs & Parts. The company has a strong reputation for customer service, with testimonials on their website praising their professionalism and helpfulness.

Company Size and Industry Standout

TrustFord operates 65 dealerships across England and Northern Ireland, with a turnover of £1.4 billion in 2020 and a target of £2 billion in sales for the full year of 2021. The company's focus on customer service sets it apart in the industry, with a commitment to providing a high-quality experience for their customers.

Vulnerabilities and Targeting

The Conti group, known for its prolific and dangerous ransomware attacks, has targeted TrustFord, exploiting vulnerabilities in the company's IT systems. The attack has caused internal system outages, but the company remains open for business and able to answer enquiries.

The Conti group typically operates a dual-extortion model, attempting to charge victims to unlock their data and again to prevent public release of sensitive files. The attack on TrustFord is part of a growing trend of ransomware attacks on UK companies, with the National Cyber Security Centre releasing new guidance to help medium and larger organizations assess the cyber risks of working with third parties.

The ransomware attack on TrustFord by the Conti group highlights the ongoing threat of cybercrime in the retail sector. Despite the disruption caused by the attack, TrustFord remains committed to serving its customers and has engaged third-party experts to investigate and contain the incident.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.