LockBit 3.0 Claims Attack on Australian Auto Dealer Eagers
Eagers Says It Doesn't Know Full Extent of Hack But Has Started Contacting Victims
Brisbane, Australia-based retail group Eagers Automotive is investigating a cyberattack that disrupted parts of its regional operations and compromised the personal information of some of its customers. Eagers said Tuesday it doesn't know the full extent of the hack, but it has started notifying customers.
The automotive dealership group announced the cyber incident on Dec. 28, shortly after it had halted the trading of its shares at the Australian Securities Exchange. Eagers operates a wide range of motor vehicle dealerships across Australia and New Zealand and reported $4.8 billion in revenues in the first half of 2023.
Eagers said the cybersecurity incident affected IT systems at some locations in Australia and New Zealand, but a majority of its dealerships continue to operate. The company on Friday provided further details about the malicious cyberattack, stating that it disrupted the company's ability to complete transactions for some vehicles that had been ordered but not delivered.
"The disruption is primarily impacting our ability to finalize transactions for certain new vehicles, which have been sold and ready for delivery, and some aspects of the company's service and parts operations," Eagers said. "The extent of the operational impact of the outage is varied across our regions and business units."
Eagers said financial losses from the incident may be limited to some transactions that could not be completed in the last five days of December. The automotive retailer has engaged external cybersecurity experts to investigate the incident and has informed the Australian Cyber Security Center and the New Zealand National Cyber Security Center.
The company announced in an ASX filing on Tuesday that the cyber incident had "involved unauthorized access to parts of the company's IT systems by a third party, which accessed some data from our servers."
Eagers is notifying "a small number of individuals" whose data was accessed, but it did not state how many individuals were affected. "As the investigation progresses, further updates will be provided to customers, employees, shareholders, regulators and other stakeholders," the company said.
The LockBit 3.0 ransomware group claimed responsibility for targeting Eagers' network. According to a screenshot posted by cybersecurity analyst Dominic Alvieri on X, the ransomware group listed the automotive retailer as a victim on its data leak site on Dec. 30 and has given the company a deadline of Jan. 19 to pay a ransom.
Eagers did not respond to Information Security Media Group's questions about the attack by the time of publication.
The attack took place not long after the Australian government had unveiled an AU$587 million cyber strategy to respond to growing cyberattacks targeting small businesses and corporations. Prime Minister Anthony Albanese said the strategy has the potential to convert Australia into a "world leader in cybersecurity" by the end of this decade (see: Australia Unveils AU$587M Strategy to Defeat Cybercrime).
In December, Nissan Oceania, the Japanese automotive giant's regional arm in Australia and New Zealand, suffered a cyber incident that affected some dealer systems and possibly compromised customers' personal information.
In an update on Dec. 22, the company said a third party had accessed some of its network systems in both countries. "We are working urgently with our global incident response team and cyber forensic experts to understand what information was impacted," the company said.