Cyber Incident Victim: Wilkins Recreational Vehicles, Inc.

Wilkins Recreational Vehicles, Inc. (“Wilkins RV”), a New York-based recreational vehicle dealer, confirmed a data breach resulting from a Conti ransomware attack. The company first detected unauthorized access to its systems on February 8, 2022, though forensic analysis revealed the threat actors had infiltrated the network six days earlier on February 2, 2022. Initial access was traced to a phishing email containing malware that an employee opened, enabling the attackers to deploy ransomware. Upon discovery, Wilkins RV immediately secured its systems and initiated an investigation. The investigation confirmed the ransomware attack but could not determine whether data exfiltration occurred or which specific files the attackers accessed during the compromise period. The company refused to engage with or pay the ransomware operators’ demands.

The compromised data included names, driver’s license numbers, Social Security numbers, and credit or debit card numbers belonging to 17,408 customers. Wilkins RV completed its review of affected files by June 8, 2022, when it issued breach notification letters to all impacted individuals. The company operates seven dealership locations across New York, employs over 160 staff, and generates approximately $20 million in annual revenue. No operational disruptions or additional attacker tactics beyond the ransomware deployment were disclosed in regulatory filings. The incident highlighted the prevalence of phishing and ransomware threats, with Conti being a known ransomware variant frequently distributed via social engineering campaigns. Wilkins RV did not publicly disclose whether it implemented new security measures post-incident or whether regulatory penalties resulted from the breach.