Cyber-attack – a real threat to motor dealerships


If the automotive sector doesn’t have enough to worry about along comes an invisible threat that no dealership can afford to ignore.

Whilst many think the threat of a cyber-attack comes from teenage tech geeks with nothing better to do than to create mayhem and mischief, in most cases this is far from reality. With rising reports of business disabling techniques, extortion and blackmail with untraceable ransom demands, the impact on businesses and their owners is truly devastating. In some cases this leads to businesses being unable to trade and subsequent fines for the mis-storing of data securely can result in eyewatering penalties.

Just this week we heard that one of the UK’s largest automotive retailers, Pendragon, was held to ransom for circa £53m after a very “sophisticated” hacker group infiltrated its IT systems. On Friday 21st October the firm issued a series of security updates stating that it was responding to an ‘IT security incident’ which had been reported to the NCSC (National Cyber Security Centre) and also the Police. The Times reported that Pendragon IT servers had been hacked by “a sophisticated group known as LockBit 3.0 which had managed to steal around 5% of its database”. We since understand the hackers demanded Pendragon paid $60m into a bitcoin wallet otherwise they threatened the data would be released onto the dark web.

Chris Hannett MD of Cymplify, dark web experts and cyber security advisers for Armstrong Watson clients, said, “Aside from how devastating this is for Pendragon, this serves as both a cautionary tale and some valuable context for Armstrong Watson’s automotive clients that this is a real-world issue that is on the rise. £53m is an astronomical amount of money and Lockbit specialise in what is called double extortion (even triple) - this means they actually hack the business first, steal data and then lock the business up with Ransomware. They then use the stolen data to prove the compromise and incentivise the victim business to pay by threatening to expose it publicly.”

Chris went on to say, “there is a huge amount of highly sensitive financial and personal data franchised motor dealerships hold on their customers within their IT system and network. This is the lucrative data hackers are actively looking to exfiltrate. However, there is also the significant risk of two other things, a dealership’s connection into other suppliers and also suppliers’ connections into the dealership.”

This is a significant warning! You can only imagine the impact of having to pay a ransom or not being able to trade indefinitely. There’s also the potential liability to individuals in terms of compensation, plus the immediate loss of connection to the supply chain and the actual car manufacturers you need to be able to trade, not to mention the reputational risk if sensitive data is stolen.

How can you protect your motor dealership against a cyber-attack?

Our Cyber Security partners are able to review your networks and check what information is seen by hackers on the dark web, we identify exposure to attacks, breaches, and the Attacker View of your business and most importantly, offer solutions and advice to safeguard against any future attack.

If you’d like to learn more about how you can reduce the threat of information breach or cyber-attack for your automotive business, we are here to help. For a no-obligation and confidential initial consultation please contact

Contact us