Ferrari discloses data breach after a ransomware attack

Ferrari has disclosed a data breach following a ransomware attack where the attackers gained access to some of the company’s IT systems.

“We regret to inform you of a cyber incident at Ferrari, where a threat actor was able to access a limited number of systems in our IT environment,” Ferrari says in breach notification letters to customers.

The Italian luxury sports car maker says customer information exposed in the incident includes names, addresses, email addresses, and telephone numbers. 

So far, Ferrari is yet to find evidence that payment details, bank account numbers, or other sensitive payment information was accessed or stolen.

“Ferrari N.V. announces that Ferrari S.p.A., its wholly-owned Italian subsidiary, was recently contacted by a threat actor with a ransom demand related to certain client contact details,” the company .

After discovering the breach, Ferrari also reported the attack to relevant authorities and is working with a cybersecurity company to investigate the scope of the impact.

“As a policy, Ferrari will not be held to ransom as paying such demands funds criminal activity and enables threat actors to perpetuate their attacks,” the company added.

“Instead, we believed the best course of action was to inform our clients and thus we have notified our customers of the potential data exposure and the nature of the incident.”

Ferrari has also taken measures to secure the compromised systems and says the attack has had no impact on the company’s operations.

A Ferrari spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.