Share this article on:
Investigations by Ford Motor Company have confirmed with Cyber Daily that its systems were not breached and that no customer data was exfiltrated.
Earlier this week, infamous threat actor “EnergyWeaponUser”, the right-hand man of CyberN-----s leader IntelBroker, posted to a popular hacking forum claiming they had exfiltrated an “internal database” from Ford after breaching its network.
The threat actor said the exfiltrated database contained 44,000 records of “customer names, physical locations, bought product”.
Sample data shared in the post suggested customer names, customer addresses, country codes, customer type codes, city, sales types, account codes, last update, and other records, including “is parent?” and “PA_CD”, had been exfiltrated.
Yesterday (19 November), Ford Motor Company informed Cyber Daily that it had begun investigating the incident, but it has since revealed that its systems were not breached.
“Ford’s investigation has determined that there was no breach of Ford’s systems or customer data,” said Ford.
“The matter involved a third-party supplier and a small batch of publicly available dealers’ business addresses. It is our understanding that the matter has now been resolved.”
The car manufacturing giant did not name the third party, nor did it reveal the nature of the incident.
At the beginning of this year, Australian company Eagers Automotive suffered a cyber attack, which led to a halt in trading.
The Australian company owns a number of car dealerships nationwide for brands, including Audi, BMW, Bentley, Ford, Mercedes-Benz, Nissan, Porsche, Subaru, Toyota, and more.
Signs that an incident had occurred first appeared when Eagers Automotive requested an ASX trading halt on 27 December 2023. The company has since cited an outage as the reason for the halt.
“The company has experienced a cyber incident resulting in an outage that is disrupting parts of the company’s operations across Australia and New Zealand,” said Eagers Automotive in a letter to the ASX titled “Response to Cyber Incident”.
“We apologise to our customers for any inconvenience.
“While the majority of our dealerships remain open and continue to trade, the extent of the operational impact of the outage is varied across our regions and business units.”