AutoCanada is warning that worker information could have been uncovered in an August cyberattack claimed by the Hunters Worldwide ransomware gang.
Though the agency says it has detected no fraud campaigns concentrating on impacted people, it’s sending notifications to alert affected individuals of potential dangers.
In mid-August, the automobile dealership firm disclosed that it needed to take particular inside IT programs offline to include a cyberattack, resulting in operational disruptions.
Enterprise continued at AutoCanada’s 66 dealerships, however some customer support operations had been unavailable or impacted by delays.
Whereas the agency revealed no additional data or updates, the ransomware gang Hunters Worldwide claimed the assault with a publish on their extortion portal on September 17.
The risk actors revealed terabytes of information allegedly stolen from AutoCanada, together with databases, NAS storage photos, executives’ data, monetary paperwork, and HR information.
In response to the issues about this information leak, AutoCanada revealed an FAQ web page with extra details about the cyberattack that was uncovered throughout their investigation.
“Our investigation is ongoing, and encrypted server content material is being restored and analyzed as a part of our incident response,” mentions the FAQ web page.
“We’re at the moment working to find out the complete scope of the info impacted by the incident, which can embody private data collected within the context of your employment with AutoCanada,”
Whereas AutoCanada says that information “could” have been uncovered, a safety researcher advised BleepingComputer that the info leaked by the ransomware gang clearly incorporates worker information.
The info that has been uncovered consists of:
- Full title
- Tackle
- Date of beginning
- Payroll data, together with salaries and bonuses
- Social insurance coverage quantity
- Checking account quantity used for direct deposits
- Scans of government-issued identification paperwork
- Any private paperwork saved on a piece laptop or drives tied to a piece laptop
These impacted will obtain a three-year free-of-charge identification theft safety and credit score monitoring protection via Equifax, with the enrollment deadline set to January 31, 2025.
Furthermore, the corporate says that impacted programs had been remoted from the principle community, the encryption course of was disrupted, compromised accounts had been disabled, and all admin accounts had their passwords reset.
AutoCanada says that whereas it can not give a 100% assure such a breach will not occur once more, it has taken measures to attenuate the probabilities. These measures embody conducting thorough safety audits, implementing risk detection and response programs, reevaluating safety insurance policies, and organizing cybersecurity coaching for its workers.
The corporate says its enterprise and associated operations proceed with minimal disruption however supplied no estimates for full restoration.
In 2023, AutoCanada bought over 100,000 autos via its community, so if buyer information is included within the compromised information set, the incident could affect many individuals.
Nevertheless, there is not any indication that Hunters Worldwide exfiltrated buyer information.
BleepingComputer contacted AutoCanada to ask if they’ve any indication that buyer information was breached, too, however we’re nonetheless ready for a remark.