Ferrari says ransomware attack exposed customers’ personal data

Italian supercar manufacturer Ferrari has confirmed it was hit by a ransomware attack that exposed customers’ personal information.

“We regret to inform you of a cyber incident at Ferrari, where a threat actor was able to access a limited number of systems in our IT environment,” Ferrari CEO Benedetto Vigna said in a letter sent to affected customers.

The carmaker said that hackers accessed customers’ names, addresses, email addresses and telephone numbers. Based on its investigation so far, Ferrari said no payment information or details of Ferrari cars owned or ordered had been stolen, though it’s not clear if the carmaker has the technical ability, such as logs, to detect data exfiltration.

“We can also confirm the breach has had no impact on the operational functions of our company,” Ferrari said in a separate statement.

Ferrari won’t say how many customers are affected by the breach or how or when the company was compromised. The carmaker hasn’t responded to TechCrunch’s questions.

It’s unclear if the breach is linked to an October incident, when a ransomware group known as “RansomEXX” claimed to have breached the carmaker, which Ferrari at the time denied. A listing on the RansomEXX website, seen by TechCrunch, lists 7GB of data allegedly stolen from Ferrari, including internal documents, data sheets and repair manuals.

Ferrari’s CEO said that the company has not paid the unnamed hackers’ ransom demand, saying that doing so “does not fundamentally change the data exposure.”

Ferrari said that after receiving the ransom demand, the amount of which remains unknown, it started an investigation with a third-party cybersecurity company.