AutoCanada is warning that worker knowledge could have been uncovered in an August cyberattack claimed by the Hunters Worldwide ransomware gang.
Though the agency says it has detected no fraud campaigns concentrating on impacted people, it’s sending notifications to alert affected individuals of potential dangers.
In mid-August, the automobile dealership firm disclosed that it needed to take particular inside IT programs offline to include a cyberattack, resulting in operational disruptions.
Enterprise continued at AutoCanada’s 66 dealerships, however some customer support operations have been unavailable or impacted by delays.
Whereas the agency revealed no additional data or updates, the ransomware gang Hunters Worldwide claimed the assault with a publish on their extortion portal on September 17.
The menace actors revealed terabytes of knowledge allegedly stolen from AutoCanada, together with databases, NAS storage photographs, executives’ data, monetary paperwork, and HR knowledge.
In response to the issues about this knowledge leak, AutoCanada revealed an FAQ web page with extra details about the cyberattack that was uncovered throughout their investigation.
“Our investigation is ongoing, and encrypted server content material is being restored and analyzed as a part of our incident response,” mentions the FAQ web page.
“We’re presently working to find out the total scope of the information impacted by the incident, which can embrace private data collected within the context of your employment with AutoCanada,”
Whereas AutoCanada says that knowledge “could” have been uncovered, a security researcher advised BleepingComputer that the information leaked by the ransomware gang clearly accommodates worker knowledge.
The info that has been uncovered consists of:
- Full identify
- Handle
- Date of start
- Payroll data, together with salaries and bonuses
- Social insurance coverage quantity
- Checking account quantity used for direct deposits
- Scans of government-issued identification paperwork
- Any private paperwork saved on a piece laptop or drives tied to a piece laptop
These impacted will obtain a three-year free-of-charge id theft safety and credit score monitoring protection by means of Equifax, with the enrollment deadline set to January 31, 2025.
Furthermore, the corporate says that impacted programs have been remoted from the primary community, the encryption course of was disrupted, compromised accounts have been disabled, and all admin accounts had their passwords reset.
AutoCanada says that whereas it can’t give a 100% assure such a breach will not occur once more, it has taken measures to attenuate the possibilities. These measures embrace conducting thorough security audits, implementing menace detection and response programs, reevaluating security insurance policies, and organizing cybersecurity coaching for its staff.
The corporate says its enterprise and associated operations proceed with minimal disruption however supplied no estimates for full restoration.
In 2023, AutoCanada bought over 100,000 automobiles by means of its community, so if buyer knowledge is included within the compromised knowledge set, the incident could influence many individuals.
Nevertheless, there is no indication that Hunters Worldwide exfiltrated buyer knowledge.
BleepingComputer contacted AutoCanada to ask if they’ve any indication that buyer knowledge was breached, too, however we’re nonetheless ready for a remark.