Retailer AM100 Holdcroft Motor Group is recovering from a cyberattack that reportedly left some of its core systems “damaged beyond repair”.
Staffordshire Police and the Information Commissioner’s Office (ICO) are investigating the attack, which Holddcroft staff have been warned resulted in the loss of data from internal storage areas and “some of the data that have been compromised may contain employees’ personal data”.
It was a ransomware attack accompanied by large payment demands
“This is a significant attack which must be taken very seriously and we are working closely with Staffordshire Police and the National Cyber Operational Unit to trace how this happened,” said Holdcroft to employees.
“We have now successfully resolved the majority of employee access issues, although some of our core systems have been damaged beyond repair or have been permanently deleted.”
After the July 27 cyberattack, Holdcroft’s dealer management system, which contains customer data, was not affected, and operations manager Chris Greenhall told the Stoke Sentinel newspaper that the group was grateful for the efforts of all of its employees and suppliers “who have worked tirelessly to limit disruption to our ongoing business”.
Holdcroft is now warning staff against accessing personal sites from their desktop computers and urging them to change their passwords for all personal accounts such as email, banking and pensions.
Employees are also encouraged to “stay alert” over the next few weeks and report any suspicious activity to the company’s IT department.
In March, automotive fintech company iVendi warned dealerships of an increased risk of cyberattacks after a group of European multi-market dealerships fell victim to hackers.
Ransomware attacks were highlighted by DMS Dragon2000 in 2017 as a threat to automotive retailers.