Pendragon Sentenced to $60 Million Ransom by Dark Web Hackers – Car Dealer Magazine

Dealership group Pendragon is currently the subject of a cyberattack and is being held to ransom $60m (£54m) by hackers.

The listed company, which has around 160 showrooms across the UK and uses the names Evans Halshaw and Stratstone, had its computer servers hacked, with dark web hackers stealing 5% of its database .

The gang is connected to a group known as LockBit 3.0, the Times said.

The hackers want Pendragon to deposit the $60m (£54m) into a Bitcoin wallet.

Otherwise, hackers will post sensitive data on the dark web today (October 21), it is believed.

Pendragon said it did not participate in the payment discussions, adding that it took steps to protect the rest of its system.

The company’s marketing director, Kim Costello, told the newspaper, “We refuse to be held hostage by this group and will not pay a ransom demand.”

Today, Pendragon also issued a press release stating, “We have identified suspicious activity on a portion of our computer systems and have confirmed that we have experienced a computer security incident.”

“This has not affected our ability to operate and we continue to serve our customers and communities as usual.

“Upon discovery, we took immediate action to contain the incident.

“Our security specialists have launched a thorough investigation to fully assess what happened and we will keep our customers and partners informed.”

“To add, the Pinewood dealer management system was and remains completely unchanged.”

He went on to say, “We have reported this to the National Cyber ​​Security Centre, the Information Commissioner’s Office, the FCA and the police.”

Pendragon also alerted its manufacturing partners and warned its 4,000 employees.

Costello also said, “Earlier this month, we became aware that our computer systems had been compromised.

“Upon discovery, we took immediate action to contain the incident, but we can confirm that some data was stolen.

“We were contacted by LockBit, a criminal organization who demanded that we pay tens of millions of dollars by a deadline or they would release the data on the dark web.”

LockBit is a prolific criminal hacking group, and is believed to have recently targeted insurance company Kingfisher and NHS provider Advance Health and Care.

In August, it was reportedly behind around 40% of ransomware requests.

Hackers target Holdcroft dealership group in major cyberattack that may have compromised employee data