'Large-scale' cyber-attack hits car dealer Arnold Clark with customers' banking and passport details stolen

1 February 2023, 11:44

Arnold Clark has been hit by a "large-scale" cyber-attack
Arnold Clark has been hit by a "large-scale" cyber-attack. Picture: Alamy

By Guy Stewart and Alan Zycinski

Car dealer Arnold Clark has been hit by a "large-scale" cyber-attack, with some customers' banking and passport details stolen.

National Insurance numbers have also been taken by hackers who targeted the UK’s largest independent car retailer.

The data breach took place on December 23rd and it has this week been confirmed some clients' information was taken.

A letter sent on Tuesday to some of those potentially affected warned: "Some personal data stored in our network may have been stolen, including names, contact details, dates of birth, vehicle details, ID documents (such as passports and driver’s licences), National Insurance numbers (in limited cases) and bank account details".

And bosses told LBC: "While we were initially advised that all our data was secure, unfortunately, in the course of our investigation, it has become clear that during this incident, the attackers were able to steal copies of some data that we hold.

Read more: Dad told daughters ‘mummy’s lost’ as pal of missing mum Nicola Bulley says ‘we just want her home’

Read more: TUC chief tells LBC public support for strikes won't dwindle even if it forces people to miss a family funeral

"Due to the type of cyber-attack that we have been subjected to, it is extremely difficult to accurately identify what has been stolen; however, our teams are working with our external advisors to understand the exact nature and extent of that data.

"While this crime and theft of data has been targeted towards Arnold Clark, we recognise the impact this could have on our partners and customers. We take their safety and the safety of their data very seriously, therefore while further analysis is ongoing, we have taken the following steps:

  • We have set up a dedicated call/help centre with our partners Experian to help those affected, or potentially affected, with more information.
  • We have written to affected and potentially affected customers and will continue that communication as our investigation progresses.
  • We have and will continue to provide cyber security updates on our websites.
  • We have offered our affected and potentially affected customers 24 months’ fraud/credit protection with Experian free of charge.

"During this incident we have been in constant communication with the regulatory authorities and have sought useful guidance from the police, and we will continue to do so to help other companies learn from our experience and be better prepared for possible situations such as this.

"As a result of this incident, we have taken the decision to rebuild our networks in a new segregated environment, which has meant that our operational systems are not yet fully functional, so we apologise for any inconvenience this may cause our customers."

LBC’s tech expert Will Guyatt warned: “This isn’t just going to be a several week thing, this is a long term thing.

"Lots and lots of the hacking groups involved in this kind of online crime – it’s a long game for them, they build up a picture of people

“I’m fairly surprised it’s taken this long to advise them (customers) given the extent of data that’s been lost.

"This is not a typical data loss, the scale and extent of this is large, it would appear they’ve lost everything including various documents that have been provided in the process of buying a car.

“It does take time to understand the extent sometimes.”