ransomexx attacks Ferrari

Incident Date:

October 2, 2022

World map



ransomexx attacks Ferrari






, Italy

Milano, Italy

First Reported

October 2, 2022

Ferrari Suffers Ransomware Attack, Exposing Customer Data

Company Overview

Ferrari, the renowned Italian luxury sports car manufacturer, has confirmed a ransomware attack that exposed customer contact details. The attack, claimed by the RansomEXX group on their dark web leak site, occurred before March 20, 2023. Ferrari operates in the Retail sector, with its operations spanning across research and development, manufacturing, and retail, positioning it as a complex organization with extensive operations.

Vulnerabilities and Impact

The ransomware attack led to the exposure of customer data, including names, addresses, email addresses, and phone numbers. Ferrari has assured that financial information and details regarding owned or ordered cars were not compromised. Nonetheless, the exposure of such sensitive information poses a risk of identity theft, financial fraud, or even physical harm to the affected customers. Despite the attack, Ferrari's operational functions remained uninterrupted, though the company has since enhanced its system security with the assistance of third-party experts.

Previous Attacks

RansomEXX is known for its involvement in several high-profile attacks, targeting entities such as logistics giant Hellmann Worldwide and software and services firm Tyler Technologies.

Response and Mitigation

In response to the attack, Ferrari has communicated with its customers about the potential data exposure and the nature of the incident. The company has taken a firm stance against paying ransom demands, emphasizing that succumbing to such demands would only fund criminal activities and encourage further attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.