Just as many businesses were winding down for the Christmas break, car dealership Arnold Clark found itself shutting down its network. The retailer experienced a cyber-attack on 23 December, which caused ongoing disruption for the business and its customers.
While the group initially believed data wasn’t compromised, it has since emerged that attackers may have been able to steal copies of some customer information. And reports suggest this could include names, contact details, dates of birth, vehicle details, passport details, National Insurance numbers and even bank account details.
“On the evening of 23 December 2022, Arnold Clark Automobiles was a victim of a cyber-attack,” said a statement. “Our external security network consultants alerted us to unusual activity on our network, and we immediately took steps to minimize the impact of the attack by removing all external connections to our network to protect our customer data, third-party partners and our systems.”
The attack has reportedly been claimed by the Play ransomware group, and the Mail on Sunday alleges that information including addresses, passports and national insurance numbers may have been leaked on the dark web. Customer data is highly prized by cybercriminals, because it can be sold to scammers and used in identity fraud.
The attack is a timely reminder of just how disruptive a cyber-security incident can be for an organisation. Business is interrupted, resources are funnelled into dealing with the issue and – if it’s a ransomware attack – demands can run into the thousands. There’s also the potential damage to reputation to consider and, if data is stolen there may be a risk of fines. Just look at Gloucester council, which was fined £100,000 in 2017 by the Information Commissioner’s Office (ICO), after 30,000 emails containing sensitive information were downloaded in a cyber-attack.
Arnold Clark responded to its recent cyber breach by cutting connectivity to the internet, dealerships and its third-party connections, and putting customer vehicle collections on hold. The group also set up a dedicated call centre for all customers that were potentially affected and pledged 24 months’ free fraud protection with Experian. Meanwhile, the group’s external security partners have embarked on the “mammoth task” of reviewing the IT network and infrastructure, while the dealership rebuilds its networks in a new, segregated environment.
A rapid response is certainly vital if, like Arnold Clark, your business is faced with a cyber-attack. But with the cost of cyber-crime potentially running into the millions, this incident highlights how important it is to do everything you can to avoid in the first place. If you own a small or medium-sized business, don’t let it be an after-thought.
If you find the jargon overwhelming or think there’s little you can do to tackle criminals, we have good news for you. There are plenty of steps you can take to protect your organisation, and they don’t need to be complicated or cost a fortune. In fact, measures like two-factor authentication, automatic updates and password training are simple and free.
Make no mistake either, attacks like the one experienced by Arnold Clark don’t just happen to big businesses. Smaller firms are just as at risk too. In fact, research suggests they are even more vulnerable, and the consequences can be devastating. If your staff have low cyber-security awareness and your network has limited protection, you may make an easier target than a large-scale corporate.
So, do your due diligence and find the best methods to protect your systems and your data. If you’d like to find out more, contact us here at the Business Cyber Centre for free, no-nonsense advice. It’s our mission to help UK businesses become more cyber-secure, so why not see what we can do for you?