Ferrari Attacked

Date:

March 20, 2023

World map

Overview

Title

Ferrari Attacked

Victim

Ferrari

Attacker

Unknown

Location

Maranello, Italy

Maranello,

Size of Attack

Unknown/TBD

First Reported

March 20, 2023

Last Updated

October 31, 2022

Italian luxury sportscar manufacturer Ferrari has informed customers that it was the victim of a ransomware attack that exposed the personal information of customers.

“We regret to inform you of a cyber incident at Ferrari, where a threat actor was able to access a limited number of systems in our IT environment. As part of this incident, certain data relating to our clients was exposed including names, addresses, email addresses and telephone numbers,” Ferrari CEO Benedetto Vigna said in a letter to affected customers.  

“Your data may have been included as part of this incident. However, based on our investigation, no payment details and/or bank account numbers and/or other sensitive payment information, nor details of Ferrari cars owned or ordered have been stolen.”

Vigna went on to say that production systems were not impacted, and that the company "will not be held to ransom as paying such demands continues to fund criminal activity and enables threat actors to perpetuate their attacks.”

According to reports, it is uncertain if the attack is related to reports of an October 2022 incident where the RansomEXX had claimed to have successfully attacked the carmaker, which Ferrari never confirmed.  

“A listing on the RansomEXX website, seen by TechCrunch, lists seven gigabytes of data allegedly stolen from Ferrari, including internal documents, data sheets and repair manuals,” TechCrunch reported.

Takeaway: “The ransomware attack against Ferrari - which appears to include the exfiltration of sensitive data that exposed client 'names, addresses, email addresses and telephone numbers' and potentially other information - highlights the fact that this is not just a ransomware problem, it is a major data loss issue too. Even if Ferrari did everything right with regard to securing the data, and even if they do everything right with regard to the incident response measure, the fact is ransomware gangs are intent on stealing data to force victims into paying the ransom demand, and often this means that there is collateral damage to the entities whose sensitive data is exposed," Jon Miller, CEO & Co-founder of Halcyon, told CyberWire.

"Remember, the focus for ransomware operators is to cause as much pain as possible for victim orgs in order to extract the highest payment possible - this means even if the victim org pays the ransom, the attackers still have the data and can sell or expose it, or come back to the victim org and ask for even more money. Not paying ransom demands does not end the financial incentive for these attacks - defeating the attack before they can exfiltrate data and before they can disrupt operations is the only way to make these attacks unprofitable,” Miller told the CyberNews.

Halcyon.ai is the industry’s first dedicated, adaptive security platform that combines multiple advanced proprietary prevention engines along with AI models focused specifically on stopping ransomware – talk to a Halcyon expert today to find out more.

Italian luxury sportscar manufacturer Ferrari has informed customers that it was the victim of a ransomware attack that exposed the personal information of customers...

Oh no!

This attack's description was not found, while we work on the detailed account of this attack we invite you to browse through other recent Rasomware Attacks in the table below.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.

LockBit attacks Leos Jeans
Date
November 15, 2023
Ransomware group
LockBit
Location

Butzbach, Germany

Butzbach, Germany

Industry
Retail Trade
Victim
Leos Jeans
LockBit attacks Leos Jeans
Date
November 15, 2023
Ransomware group
LockBit
Location

Butzbach, Germany

Butzbach, Germany

Industry
Retail Trade
Victim
Leos Jeans
BlackCat/ALPHV attacks 4set
Date
November 14, 2023
Ransomware group
ALPHV
Location

Bizkaia, Spain

Basco, Spain

Industry
Professional, Scientific & Technical Services
Victim
4set
BlackCat/ALPHV attacks 4set
Date
November 14, 2023
Ransomware group
ALPHV
Location

Bizkaia, Spain

Basco, Spain

Industry
Professional, Scientific & Technical Services
Victim
4set
Cuba attacks DiagnosTechs
Date
November 14, 2023
Ransomware group
Cuba
Location

Federal Way, USA

Washington, USA

Industry
Professional, Scientific & Technical Services
Victim
DiagnosTechs
Cuba attacks DiagnosTechs
Date
November 14, 2023
Ransomware group
Cuba
Location

Federal Way, USA

Washington, USA

Industry
Professional, Scientific & Technical Services
Victim
DiagnosTechs
NoEscape attacks Carespring Health Care Management
Date
November 14, 2023
Ransomware group
NoEscape
Location

Cincinnati, USA

Ohio, USA

Industry
Healthcare
Victim
Carespring Health Care Management
NoEscape attacks Carespring Health Care Management
Date
November 14, 2023
Ransomware group
NoEscape
Location

Cincinnati, USA

Ohio, USA

Industry
Healthcare
Victim
Carespring Health Care Management
BlackCat/ALPHV attacks Execuzen
Date
November 14, 2023
Ransomware group
ALPHV
Location

London, United Kingdom

London, United Kingdom

Industry
Professional, Scientific & Technical Services
Victim
Execuzen
BlackCat/ALPHV attacks Execuzen
Date
November 14, 2023
Ransomware group
ALPHV
Location

London, United Kingdom

London, United Kingdom

Industry
Professional, Scientific & Technical Services
Victim
Execuzen
LockBit attacks University of the Aegean
Date
November 13, 2023
Ransomware group
LockBit
Location

Mytilene, Greece

Mytilene, Greece

Industry
Education
Victim
University of the Aegean
LockBit attacks University of the Aegean
Date
November 13, 2023
Ransomware group
LockBit
Location

Mytilene, Greece

Mytilene, Greece

Industry
Education
Victim
University of the Aegean
LockBit attacks Hotel Ampere Paris
Date
November 12, 2023
Ransomware group
LockBit
Location

Paris, France

Paris, France

Industry
Accommodations & Food Services
Victim
Hotel Ampere Paris
LockBit attacks Hotel Ampere Paris
Date
November 12, 2023
Ransomware group
LockBit
Location

Paris, France

Paris, France

Industry
Accommodations & Food Services
Victim
Hotel Ampere Paris
LockBit attacks Carson Team
Date
November 12, 2023
Ransomware group
LockBit
Location

Portland, USA

Oregon, USA

Industry
Other
Victim
Carson Team
LockBit attacks Carson Team
Date
November 12, 2023
Ransomware group
LockBit
Location

Portland, USA

Oregon, USA

Industry
Other
Victim
Carson Team
Cuba attacks Port Adelaide FC
Date
November 12, 2023
Ransomware group
Cuba
Location

Alberton, Australia

South Australia, Australia

Industry
Arts, Entertainment & Recreation
Victim
Port Adelaide FC
Cuba attacks Port Adelaide FC
Date
November 12, 2023
Ransomware group
Cuba
Location

Alberton, Australia

South Australia, Australia

Industry
Arts, Entertainment & Recreation
Victim
Port Adelaide FC
LockBit attacks Floortex
Date
November 11, 2023
Ransomware group
LockBit
Location

Tewkesbury, United Kingdom

Gloucestershire, United Kingdom

Industry
Manufacturing
Victim
FloorTex
LockBit attacks Floortex
Date
November 11, 2023
Ransomware group
LockBit
Location

Tewkesbury, United Kingdom

Gloucestershire, United Kingdom

Industry
Manufacturing
Victim
FloorTex