AutoCanada is warning that worker information could have been uncovered in an August cyberattack claimed by the Hunters Worldwide ransomware gang.
Though the agency says it has detected no fraud campaigns concentrating on impacted people, it’s sending notifications to alert affected folks of potential dangers.
In mid-August, the automotive dealership firm disclosed that it needed to take particular inner IT programs offline to include a cyberattack, resulting in operational disruptions.
Enterprise continued at AutoCanada’s 66 dealerships, however some customer support operations have been unavailable or impacted by delays.
Whereas the agency revealed no additional data or updates, the ransomware gang Hunters Worldwide claimed the assault with a put up on their extortion portal on September 17.
The menace actors revealed terabytes of information allegedly stolen from AutoCanada, together with databases, NAS storage pictures, executives’ data, monetary paperwork, and HR information.
In response to the issues about this information leak, AutoCanada revealed an FAQ web page with extra details about the cyberattack that was uncovered throughout their investigation.
“Our investigation is ongoing, and encrypted server content is being restored and analyzed as part of our incident response,” mentions the FAQ web page.
“We are currently working to determine the full scope of the data impacted by the incident, which may include personal information collected in the context of your employment with AutoCanada,”
Whereas AutoCanada says that information “may” have been uncovered, a safety researcher informed BleepingComputer that the info leaked by the ransomware gang clearly incorporates worker information.
The info that has been uncovered contains:
- Full title
- Deal with
- Date of start
- Payroll data, together with salaries and bonuses
- Social insurance coverage quantity
- Checking account quantity used for direct deposits
- Scans of government-issued identification paperwork
- Any private paperwork saved on a piece pc or drives tied to a piece pc
These impacted will obtain a three-year free-of-charge id theft safety and credit score monitoring protection by Equifax, with the enrollment deadline set to January 31, 2025.
Furthermore, the corporate says that impacted programs have been remoted from the principle community, the encryption course of was disrupted, compromised accounts have been disabled, and all admin accounts had their passwords reset.
AutoCanada says that whereas it can not give a 100% assure such a breach will not occur once more, it has taken measures to attenuate the probabilities. These measures embrace conducting thorough safety audits, implementing menace detection and response programs, reevaluating safety insurance policies, and organizing cybersecurity coaching for its staff.
The corporate says its enterprise and associated operations proceed with minimal disruption however supplied no estimates for full restoration.
In 2023, AutoCanada bought over 100,000 autos by its community, so if buyer information is included within the compromised information set, the incident could affect many individuals.
Nonetheless, there is not any indication that Hunters Worldwide exfiltrated buyer information.
BleepingComputer contacted AutoCanada to ask if they’ve any indication that buyer information was breached, too, however we’re nonetheless ready for a remark.