IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Cyber attack on car dealership Arnold Clark forces systems offline

The company was notified on 23 December about the suspicious incident and IT systems remain down, impacting customer-facing services

Car dealership Arnold Clark has confirmed the company was hit by a cyber attack last month.

The company said that it has managed to protect its customers' data as well as its systems and third-party partners. However, bringing down its network has caused a temporary disruption to its business and customers.

“Our external security partners have now been performing an extensive review of our whole IT network and infrastructure, which is a mammoth task, and they are providing guidance to our IT team on the re-enabling of our network and systems in a safe, secure and phased manner,” the company said.

Arnold Clark's Twitter account communicated that the dealership was experiencing technical issues affecting its systems and telephones. It apologised to customers and notified them it was trying to fix the problems, asking them to direct message its account on Twitter or email them for any queries instead.

Showrooms and branches are currently open and the company can serve customers through a temporary system until its full systems have been restored. Customer vehicle collections are expected to be resumed later this week.

The company revealed this week that it was originally notified by its external cyber security consultants of suspicious traffic on its network on 23 December. 

Related Resource

Getting board-level buy-in for security strategy

Why cyber security needs to be a board-level issue

Intercity 'Getting board-level buy-in for security strategy' whitepaper coverFree Download

Arnold Clark took steps internally to confirm the report with its cyber team and then decided to take down its network voluntarily. It called this a “purely protective measure”, which led it to cut its connectivity to the internet, its dealerships, and third-party connections.

“Based on the information available, it looks like Arnold Clark was able to detect the attack through its security service provider and disrupt it before it put any data at risk,” said Mark Lamb, CEO at HighGround to IT Pro. “This was a very positive step and it shows that Arnold Clark already had a strong security posture in place that proactively monitored for threats, so they could be identified and remediated before they caused harm.

“While it doesn’t look like Arnold Clark’s IT is fully back up and running, the company does appear to have protected its data and customers, which is undoubtedly the most important issue.”

UK-based car dealership Pendragon was also hit by a cyber attack in October 2022 by the LockBit ransomware group. The company confirmed it had been hit by an IT security incident but that its ability to operate wasn’t affected. Pendragon also stated that it would refuse to pay the $60 million (£53 million) ransom that the attackers demanded and instead restore from backups.

Featured Resources

2023 Strategic roadmap for data security platform convergence

Capitalise on your data and share it securely using consolidated platforms

Free Download

The 3D trends report

Presenting one of the most exciting frontiers in visual culture

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

Leverage automated APM to accelerate CI/CD and boost application performance

Constant change to meet fast-evolving application functionality

Free Download

Most Popular

Yandex data breach reveals source code littered with racist language
data breaches

Yandex data breach reveals source code littered with racist language

30 Jan 2023
Dutch hacker steals data from virtually entire population of Austria
data breaches

Dutch hacker steals data from virtually entire population of Austria

26 Jan 2023
What's powering Britain’s fibre broadband boom?
Network & Internet

What's powering Britain’s fibre broadband boom?

3 Feb 2023