Ransomware Attack

Pendragon Auto Dealer Rejects $60 Million Ransomware Demand

Pendragon, a U.K.-based vehicle dealer group with over 160 vehicle dealerships, was allegedly compromised by LockBit ransomware, which demanded $60 million in return for decrypting files.

Pendragon is the owner of the luxury car retailers CarStore, Evans Halshaw, and Stratstone. These companies sell a range of vehicles, from Jaguar, Porsche, Ferrari, Mercedes-Benz, BMW, Land Rover, Ford, Hyundai, Nissan, Peugeot, Vauxhall, Citroen, DS, Dacia, and DAF, for a variety of price points.

The security incident was confirmed by Pendragon in a public statement, but the company suppressed additional information, other than to say that it would not have an impact on their business.

In the security notification, Pendragon claims:

We have found suspicious activity on part of our IT systems and have confirmed we experienced an IT security incident. This has not affected our ability to operate, and we continue to service our customers and communities as normal.

Negotiations between LockBit and Pendragon

Kim Costello, the company’s chief marketing officer, however, claimed that the LockBit ransomware group was responsible for the attack and claimed that it took place about a month ago in an interview for The Times published on Friday.

Despite having communication with the hackers and receiving stolen information as evidence of the breach, the company did not engage in negotiations, claims Costello.

Pendragon refused to pay ransomware, as a response the extortionists threatened to publish files taken from Pendragon on Saturday, October 29, according to a visit to Lockbit’s leak website on the dark web.

lockbit Warning to Pnedragon
Lockbit Extorsion Warning

According to the company’s representative, Pendragon will stand by its decision to refuse to pay the attackers. The business also informed the Data Protection Authority and UK law enforcement about the attack. The spokesman also stated that just 5% of the data was stolen by the hackers, and that Pendragon’s IT staff responded quickly to the issue.

Nevertheless, obtaining an intervention against the extortionists enables Pendragon to prove to their clients that they are making every effort to prevent the information from being disclosed and may even help in defending the business against further legal action.

In addition, Bleeping Computer believes that the £400 million purchase bid from the Swedish automaker Hedin Group corresponds with LockBit’s attack on Pendragon.

Help your colleagues keep a security-first mindset and boost your human firewall by starting your Phishing Tackle security awareness training today with our two-week free trial.

Recent posts