A company that’s famous for selling old, used, and new cars is afraid to say that its database has been compromised. Moreover, a lot of data was breached during the event. Arnold Clark is a car retailer that sells 3 lakhs + cars/ annum. The retailer said the stolen data consists
- Bank Details
- ID Documents.
Clients got an email in which the notification about the UK-wide cyberattack was mentioned which happened on 23, Dec, 2023.
According to the Organization, all of their computer networks were shut down faster before Christmas Eve. IDs we were talking about were just copies of passports and driver’s licenses of clients.
It is also doubtful that many more things have been compromised. Some of them could be as follows
- Dates of Birth
- Vehicle Details
- Contact Details
- And National Insurance Numbers
Arnold Clark’s headquarter is in Glasgow, and it has almost 200 dealerships around Scotland and England. However, it’s not clear how many customers got the emails till now. Affected ones were offered a 2-year subscription pack to an Identity Fraud Checking Service.
That’s because the attack compromised the systems, and made it a bit hectic for normal users to keep their data safe. Chief Executive, Eddie Hawthorne, and Chief Operating Office Russell Barrie sent a letter to customers regarding the continuation of investigations. They also said
“Upon advice from our cyber security team, we understand that some personal data has been extracted by the hackers who carried out the cyber attack. We take the protection of your personal data extremely seriously, and we want to assure you that we are doing everything we can to minimize any risk to you from this incident.”
Arnold Clark, Statement
“While we were initially advised that all our data was secure. Unfortunately, in the course of our investigation, it has become clear that during this incident, the attackers were able to steal copies of some data that we hold.”
“During this incident, we have been in constant communication with the regulatory authorities and have sought useful guidance from the police. We will continue to do so to help other companies learn from our experience and be better prepared for possible situations such as this.”
Following the event, Clark has begun rebuilding the computer infrastructure to make a different security patch. That security patch will be able to prevent attackers away from continuing the attack and from trying to get to other parts of the compromised systems.
An angry customer known as “Paul Graham” from Clydebank confronted BBC Scotland and told them that he wasn’t notified about the breach for more than a month. “I just find it outrageous,” he said. “No one mentioned when I went into the dealership last week.”
He made a comment about not having a clear way to talk to Clark about the incident. Moreover, the affected clients were being treated with the dedicated toll-free number that wasn’t working properly. It was managed by Credit Protection Organization “Experian.”
He also added: “I think it is absolutely dreadful, especially when you think ‘what have they got?’ It could be enough to take over my whole identity – it’s frightening.”
Social Media becomes the medium to have conversations between the customer and the company regarding the potential General Data Protection Regulation (GDPR) breach.
According to the GDPR Legislation (allows a max fine of £17.5m), companies must notify impacted individuals without any delay.”
The organization was founded by Late Sir Arnold Clark. He opened his first showroom in Glasgow, Park Road, in 1954.
In 2004, Clark was bestowed with the fame of Britain’s pioneer billionaire car dealer in “Sunday Times” Rich List, 2016. That was before he died in 2017. The organization now has 193 dealerships, as well as is thought to be Europe’s greatest independent family-run car organization.
For more amazing facts & information like this, you can follow us on News4Hackers. Leave a comment if you have any queries.
Kindly read another articles: