Cyber Incident Victim: Ferrari

On October 2, 2022, the RansomEXX ransomware group listed luxury car manufacturer Ferrari on its leak site, claiming to have stolen 7 GB of internal company data. The gang alleged the stolen documents included contracts, invoices, repair manuals, and other confidential business information. Ferrari issued a public denial two days later, stating it had no evidence of a system breach, ransomware incident, or operational disruption. The company acknowledged reports of leaked documents but attributed the event to an unidentified external source rather than a confirmed compromise of its networks. Ferrari initiated an investigation to determine the origin of the leaked materials and committed to implementing necessary corrective measures based on findings. The RansomEXX posting did not disclose specific ransom demands, attack vectors, or timelines for data release.

RansomEXX had prior involvement in high-impact attacks, including the August 2021 disruption of Italy's Lazio region COVID-19 vaccination portal and a March 2022 attack against Scottish mental health charity VOX Scotland. Security analysts noted the group's history of targeting prominent organizations like technology firm Gigabyte, logistics provider Hellmann Worldwide, and luxury brand Zegna. The automotive sector faced increasing ransomware threats during this period, with June 2022 attacks against Japanese manufacturer Nichirin and February 2022 incidents impacting European car dealer Emil Frey. Ferrari had previously experienced indirect exposure through a 2021 ransomware attack on parts supplier Speroni by the Everest group, though no direct compromise occurred. Industry observers cautioned that ransomware operators frequently exaggerate claims, as demonstrated by Cl0p's erroneous attribution of an attack on South Staffordshire Water to Thames Water in September 2022 and LockBit's unsubstantiated June 2022 claims regarding cybersecurity firm Mandiant. Ferrari maintained its infrastructure remained secure throughout the event.