Car dealer 'won't be held hostage' by hackers after ransom demand
Pendragon has refused to pay $60m despite threat to leak sensitive information
The UK’s second-largest car retailer is refusing to pay a ransom demand for $60m (£54m) from dark web hackers, The Times has discovered.
Pendragon, which is listed on the London Stock Exchange and operates the Evans Halshaw, Stratstone and Car Store brands, this morning told the paper that it had been undergoing a cyberattack for a month “by a gang connected to a sophisticated group known as LockBit 3.0”. Security experts had protected the system after 5% of its database had been breached, the dealer claimed.
Representatives of Pendragon have alerted authorities including the National Cyber Security Centre — part of GCHQ — police, information commissioner and Financial Conduct Authority.
The company said it is in daily contact with the gang, which has provided proof of the data breach, though has declined to enter into discussions about payment of the ransom into a bitcoin wallet despite being given a final warning that its information would be leaked onto the dark web today.
“We refuse to be held hostage by this group and we will not be paying a ransom demand,” Kim Costello, the chief marketing officer, said.
Clients of Pendragon including Aston Martin, BMW, Ferrari, Porsche, Jaguar Land Rover and Mercedes-Benz were informed about the breach this morning, and the group’s 4,000 staff were notified by email.
Lockbit has been linked to an ongoing hack of the Kingfisher insurance group along with cyberattacks on businesses in Japan and France, as well as on Ukrainian infrastructure following the invasion by Russia in February. However it claimed to be an apological multinational community for whom hacking “is just business”.
It added: “We are only interested in money for our harmless and useful work.”
Related articles
- After reading about Pendragon’s refusal to pay hackers a $60m ransom, you might be interested in how thieves hack into and steal keyless-entry cars
- Also check out how fake online car dealers ‘clone’ genuine retailers and lure victims with bargains
- And you might like to know that wrecked cars have been sold by some of the UK’s biggest car dealers with no mention of their chequered past
Latest articles
- 5 best city cars to buy in 2025
- Volkswagen previews tiny ID.1 electric car with tiny price of around £16,500
- Volvo ES90 electric saloon boasts up to 435 miles per charge and 0-62mph in four seconds
- F1 2025 calendar and race reports: The new Formula One season as it happens
- BMW 1 Series 2024 review: Big updates for BMW’s compact hatchback
- Audi launches new combustion-powered A6 Avant to sit alongside electric e-tron models
- XPeng G6 2025 review: Another Chinese SUV aiming to beat Tesla … and might have the X-factor to do it
- Kia expands electric range with PV5 vans, EV4 hatch and saloon and hint at small EV2 crossover
- Super-rare BMW M4 CS limited edition pays homage to race ace Valentino Rossi
