Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Exclusive: Ford says systems not breached, data exfiltrated from third party

Investigations by Ford Motor Company have confirmed with Cyber Daily that its systems were not breached and that no customer data was exfiltrated.

user icon Daniel Croft
Wed, 20 Nov 2024
Exclusive: Ford says systems not breached, data exfiltrated from third party
expand image

Earlier this week, infamous threat actor “EnergyWeaponUser”, the right-hand man of CyberN-----s leader IntelBroker, posted to a popular hacking forum claiming they had exfiltrated an “internal database” from Ford after breaching its network.

The threat actor said the exfiltrated database contained 44,000 records of “customer names, physical locations, bought product”.

Sample data shared in the post suggested customer names, customer addresses, country codes, customer type codes, city, sales types, account codes, last update, and other records, including “is parent?” and “PA_CD”, had been exfiltrated.

============
============

Yesterday (19 November), Ford Motor Company informed Cyber Daily that it had begun investigating the incident, but it has since revealed that its systems were not breached.

“Ford’s investigation has determined that there was no breach of Ford’s systems or customer data,” said Ford.

“The matter involved a third-party supplier and a small batch of publicly available dealers’ business addresses. It is our understanding that the matter has now been resolved.”

The car manufacturing giant did not name the third party, nor did it reveal the nature of the incident.

At the beginning of this year, Australian company Eagers Automotive suffered a cyber attack, which led to a halt in trading.

The Australian company owns a number of car dealerships nationwide for brands, including Audi, BMW, Bentley, Ford, Mercedes-Benz, Nissan, Porsche, Subaru, Toyota, and more.

Signs that an incident had occurred first appeared when Eagers Automotive requested an ASX trading halt on 27 December 2023. The company has since cited an outage as the reason for the halt.

“The company has experienced a cyber incident resulting in an outage that is disrupting parts of the company’s operations across Australia and New Zealand,” said Eagers Automotive in a letter to the ASX titled “Response to Cyber Incident”.

“We apologise to our customers for any inconvenience.

“While the majority of our dealerships remain open and continue to trade, the extent of the operational impact of the outage is varied across our regions and business units.”

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.