Go to listing page

Pendragon Refuses to Pay $60 Million in Ransomware Extortion

Pendragon Refuses to Pay $60 Million in Ransomware Extortion
Pendragon, a car dealership group, confirmed that cyber extortionists claimed to have stolen 5% of its data by hacking into its IT servers.
 

What happened?

As per media reports, the LockBit 3.0 ransomware gang has demanded from Pendragon a cryptocurrency ransom equivalent to $60 million.
According to Lockbit's dark web leak site, cyber extortionists are threatening to disclose files stolen from Pendragon on October 29.
The car dealership group, however, has made it crystal clear that they have had no discussion with the lockbit ransomware gang and aren’t going to pay the ransom demand.

Pendragon’s website has been constantly updating its response to everyone concerned regarding the LockBit ransomware attack.

The company has reported the lockbit malware attack to the Information Commissioner's Office (ICO) and the police and informed the National Cyber Security Centre (NCSC).

It further adds that the attack by the cyber extortionists has not affected the company’s ability to serve customers and that it has since secured its systems.
Interestingly, Pendragon has successfully obtained an interim injunction from the High Court against the threat actor.

The injunction allows the company to demonstrate to its clients that they are doing everything possible to keep the information from being leaked and protects the company from future legal action.

Furthermore, if the perpetrators are ever identified, the existence of the injunction may aid in seeking restitution one day, perhaps by seizing their assets.
Cyber extortionists only continue to blackmail hacked companies because they occasionally succeed in defrauding their victims of millions of dollars in cryptocurrency.
 

Other recent attacks by Lockbit

  • Kingfisher acknowledged the attack on its IT systems after the LockBit ransomware group’s leak site claimed to steal 1.4TB of the company`s data.
  • Oomiya, a Japanese microelectronics and facility system designer and manufacturer, was hit by a LockBit 3.0 affiliate. The operators claim to have stolen company data and threaten to leak it.
  • Advanced, an MSP to the U.K NHS, confirmed the August cyberattack affected a limited amount of data related to 16 of its Caresys and Staffplan customers.

Closing thoughts

Cyberattacks involving ransomware have witnessed a growth of 80% year-over-year, and they’ll continue to evolve in all probability. However, the root causes behind ransomware infections don’t evolve all that much. Organizations must focus on proactively eliminating those security gaps.
Cyware Publisher

Publisher

Cyware