ferrari

Ferrari working with law enforcement after ransom demand from cybercriminals

A hacker contacted Ferrari and demanded a ransom for information stolen about their clients, prompting the Italian luxury sports car maker to contact law enforcement.

Ferrari director of communications Krista Florin declined to answer several questions about the incident, telling The Record that due to an “ongoing criminal investigation,” they are unable to share more information.

Ferrari would not say when they received the ransom demand, when the hack may have occurred or if it was connected to a ransomware incident. But in a statement published Monday evening, the company explained that they hired a cybersecurity firm after receiving the demand.

“Ferrari N.V. announces that Ferrari S.p.A., its wholly-owned Italian subsidiary, was recently contacted by a threat actor with a ransom demand related to certain client contact details,” the company said. “In addition, we informed the relevant authorities and are confident they will investigate to the full extent of the law. As a policy, Ferrari will not be held to ransom as paying such demands funds criminal activity and enables threat actors to perpetuate their attacks.”

Instead of paying the ransom, Ferrari said it preferred to notify customers about the potential data exposure and the nature of the incident.

The statement adds that the breach had no impact on the operation functions of the company.

In a letter to customers, Ferrari said a threat actor managed to access a "limited number of systems" in its IT environment – exposing the names, addresses, email addresses and phone numbers of clients. The company did not respond to requests for comment about how many customers were affected.

No financial or bank information was included in the breach.

Despite claiming that they are now working with third-party experts to “further reinforce” their systems and are “confident in their resilience,” this is the latest in a series of cybersecurity incidents allegedly affecting the company.

In October 2022, the ransomware group RansomEXX claimed to have stolen 7 GB of data from the company. The stolen documents allegedly included contracts, invoices, internal company information, repair manuals and more.

The company told The Record at the time that there was “no evidence of a breach of its systems or ransomware.”

Reuters reported on another 2021 incident where the Everest ransomware group successfully attacked Speroni, a parts supplier for Ferrari, Lamborghini and Maserati.

The announcement also comes just two months after a researcher discovered cybersecurity bugs in vehicles from Ferrari and others that could have allowed for the full takeover of vehicles.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.