Arnold Clark, the UK’s largest independently owned car dealership, suffered a major ransomware attack late last year in which large volumes of sensitive customer data were stolen, the company said.

Among the data were stolen bank details, passport copies, driver’s licences, vehicle information, and National Insurance numbers, with other information likely targeted in the attack, claimed by the Play ransomware gang. 

Go deeper with GlobalData

Premium Insights

The gold standard of business intelligence.

Find out more

Related Company Profiles

View all

The UK-wide breach occurred on December 23 with customers emailed about the incident on 2 February.  

In a statement, Arnold Clark said: “While we were initially advised that all our data was secure, unfortunately, in the course of our investigation, it has become clear that during this incident, the attackers were able to steal copies of some data that we hold. Due to the type of cyber attack that we have been subjected to, it is extremely difficult to accurately identify what has been stolen; however, our teams are working with our external advisors to understand the exact nature and extent of that data.”

Cybersecurity expert Achi Lewis, Area vice-president, EMEA, for Absolute Software, said: “Uncertain economic times and the lead-up to a holiday make the perfect storm for cyber-attackers, often creating a more relaxed and weakened security posture to be exploited. Ransomware attacks don’t discriminate against any sector, with the automotive industry home to vast volumes of sensitive data, demanding both preventative and reactive cybersecurity measures to be put in place by organisations.” 

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

“Companies across all industries should take this opportunity to evaluate their current cyber posture, implementing measures such as resilient Zero Trust to prevent threat actors from breaching devices, applications and networks. Resilient Zero Trust is a security model that authenticates users on a case-by-case basis, only allowing access to devices and applications if there are no signs of suspicious activity. If unusual behaviour is detected, access can be frozen or shut off by a centralised IT team to prevent a breach.” 

“Ransomware attacks are a case of when, not if, so it is imperative that organisations focus on their response protocols as well as prevention. Leveraging self-healing solutions can help to recover and repair devices that have been breached, protecting them from future attacks. A full recovery can take months or even years from the initial investigation, so ensuring high cyber preparedness is vital.” 

Arnold Clark owns nearly 200 dealerships across Scotland and England, selling more than 300,000 cars each year. Arnold Clark is asking affected customers to contact: customerservice@arnoldclark.com.

How car dealers can adapt to digital challenges in 2022

Arnold Clark owners rank among Britain’s wealthiest people: Rich List 2022