Connect with us

Hi, what are you looking for?


Data Breaches

Ferrari Says Ransomware Attack Exposed Customer Data

Ferrari said that a ransomware attack was responsible for a data breach that exposed customer details, but did not impact company operations.

Ferrari website vulnerability

Italian sports car maker Ferrari said on Monday that a threat actor had demanded a ransom related to customer contact details that may have been exposed in a ransomware attack.

“Upon receipt of the ransom demand, we immediately started an investigation in collaboration with a leading global third-party cybersecurity firm,” the iconic car maker said. “In addition, we informed the relevant authorities and are confident they will investigate to the full extent of the law.”

The company did not say when the incident occurred, but it could be related to reports of a ransomware attack back in October 2022, when the “RansomEXX” group claimed it had stolen and leaked 7 GB of data from Ferrari—which Ferrari denied at the time.

“As a policy, Ferrari will not be held to ransom as paying such demands funds criminal activity and enables threat actors to perpetuate their attacks,” Ferrari said in a statement on March 20. “Instead, we believed the best course of action was to inform our clients and thus we have notified our customers of the potential data exposure and the nature of the incident.”

In notifications sent via email to customers, Ferrari said the exposed information includes name, address, email address, and phone number. The company has found no evidence that financial information and details on owned or ordered cars have been compromised.

With Ferrari having one of the most expensive car lineups in the word, a contact list of wealthy customers is very attractive to cybercriminals and could give them the opportunity to customize malicious, targeted emails.

Advertisement. Scroll to continue reading.

Ferrari said the breach has not impacted operational functions of the company and that it has worked with “third party experts” to boost the security of its systems.

While Ferrari did not mention RansomEXX in its statement, the ransomware gang has been connected to several other attacks, including logistics giant Hellmann Worldwide, software and services firm Tyler Technologies, and several others.

Related: Cyber Insights 2023 | Ransomware

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Data Breaches

A group of hackers has leaked Atlassian employee records and floorplans, information that was obtained from third-party workplace platform Envoy.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.