Italian luxury sports car maker Ferrari revealed it has suffered a data breach after it received a ransom demand from threat actors who compromised the company’s IT systems.
In a short statement regarding the incident Ferrari said that according to the company’s policy it “will not be held to ransom as paying such demands funds criminal activity and enables threat actors to perpetuate their attacks.”
The automaker said it has launched an investigation into the matter and informed “customers of the potential data exposure and the nature of the incident.”
In a letter sent to affected clients the company explained that a threat actor gained access to a limited number of its IT systems and some customer data, including names, addresses, email addresses, and phone numbers.
Ferrari says it found no evidence that sensitive payment details or information on Ferrari cars owned or ordered have been stolen in the attack.
It’s unclear if the recent hack is related to an October 2022 incident that saw a ransomware group known as “RansomEXX” claim to have breached the carmaker. More than 7GB of allegedly Ferrari internal documents were posted to the gang’s victim blog, including data sheets and repair modules.