AutoCanada says ransomware attack "may" impact employee data
Amandeep - CCISO, CISSP, CISA, CRISC, CDPSE, PMP
Cybersecurity Leader ★ GRC Leader ★ People Leader ★ Cybersecurity Advisor ★ ERM Manager | Facilitating the leadership to elevate cybersecurity posture, meet compliance, and implement cybersecurity programs and frameworks
AutoCanada, a major car dealership company, has recently disclosed that a ransomware attack in August may have compromised employee data. The cyberattack, claimed by the ?????????????? ?????????????????????????? ???????????????????? ????????, forced AutoCanada to take specific internal IT systems offline to contain the threat, causing operational disruptions
?????? ???????????? ?????? ?????? ????????????
The ransomware gang Hunters International claimed responsibility for the attack on September 17, publishing terabytes of allegedly stolen data on their extortion portal.?This data reportedly includes databases, NAS storage images, executives' information, financial documents, and HR data
?????? ?????????????????????? ???????? ?????????????????????? ????????????????:
?? Full names and addresses
?? Dates of birth
?? Payroll information (salaries and bonuses)
?? Social insurance numbers
?? Bank account numbers for direct deposits
?? Scans of government-issued identification documents
?? Personal documents stored on work computers or associated drives
????????????????????'?? ????????????????
In response to the attack, AutoCanada has taken several measures:
?? Isolating impacted systems from the main network
?? Disrupting the encryption process
?? Disabling compromised accounts
?? Resetting passwords for all admin accounts
The company is offering affected employees three years of free identity theft protection and credit monitoring coverage through Equifax, with an enrollment deadline of January 31, 2025