Just got this… Image Unavailable, Please Login Image Unavailable, Please Login Image Unavailable, Please Login Sent from my iPhone using Tapatalk
Their reaction seems fishy. They should come out clean as to what is stolen. I got the same letter. Only name and address and phone number???? Come on…. Sent from my iPhone using FerrariChat
. Be prepared to receive spam calls asking if your interested in an Extended Car Warranty Offer! ...... sign up now and they'll throw in a free chimney cleaning!
I'm not worried...my phone is always busy, so they will never get thru...err...wait, that's with other calls offering me extended warranties...
No Vin or history huh… https://samcurry.net/web-hackers-vs-the-auto-industry/ Sent from my iPhone using FerrariChat
I did notice more spam emails the past week. Lots of US stuff. Costco, concealed carry, CVS… I’m middle eastern. I didn’t even know what these were.
Very interesting article about possible physical threats the culprits might attempt to carry out on customers' vehicles while in motion.
From what they say - and also who received that email - I think one of the files stolen was their "marketing" database (for instance with the information you give when you take part in a Ferrari event) and not their customer database.
The fact that they asked ransom makes me wonder what the hackers got. I doubt Ferrari has any idea of what they got stolen. Sent from my iPhone using FerrariChat
https://www.securityweek.com/ferrari-says-ransomware-attack-exposed-customer-data/ Quote, "The company did not say when the incident occurred, but it could be related to reports of a ransomware attack back in October 2022, when the “RansomEXX” group claimed it had stolen and leaked 7 GB of data from Ferrari—which Ferrari denied at the time.". If this is true the company has delayed informing its customers for 6+ months of the leakage of their personal data.
Hackers typically provide exemples of what they stole to substantiate their ransom demands - they would give samples if what they feel has the most value to the victim.
As a gesture of goodwill, Ferrari should give 1:18 models to all affected customers. Sent from my iPhone using FerrariChat
Yeah, no offer of credit monitoring or anything. Just "we screwed up, and you're screwed, but we're Ferrari and you're our ******* so it will be ok from our perspective."
I'm more concerned about the concept they may have known about this for as long as 6 months and only NOW are telling us.
In most of the "ransomeware" attacks, when the hackers are able to access data, they encrypt it, so the hackee looses access to all data unless they pay the ransom. Most have few options but to pay or permanently lose all of the data. The hack where they steal the data and then say "pay me and I won't use the information" is less typical I think.
We're starting to see more of the latter style, now that most businesses with the $$$ have implemented decent resiliency setups. Once you have immutable backups and quick-recovery VM systems, ransomware per se becomes less problematic. But reputational risk is still a huge problem, so data exfiltration is the choice of modern bad actors.