This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Eagers Automotive

Summary

Eagers Automotive, a Brisbane-based retail group and Australia's largest automotive dealer network, experienced a cyberattack in late December 2023 (publicly addressed in January 2024) that disrupted operations and resulted in unauthorized access to customer data. The LockBit 3.0 ransomware group claimed responsibility and threatened to publish stolen data.

What Happened

Eagers Automotive requested a trading halt on the Australian Securities Exchange on 27 December 2023 due to a significant cybersecurity incident affecting its IT systems. On 30 December 2023, the LockBit 3.0 ransomware group listed Eagers on their data leak site, giving the company a deadline of 19 January 2024 to pay a ransom.

The attackers gained unauthorized access to parts of Eagers' IT systems and accessed customer data from company servers. The cyberattack significantly impacted IT infrastructure, causing operational disruptions at numerous dealership locations across Australia and New Zealand.

Impact on Individuals

Eagers confirmed that the incident involved unauthorized access to parts of the company's IT systems, with attackers accessing customer data. The company informed "a small number of individuals" who faced serious risk of data misuse.

The disruption primarily affected:

  • The ability to finalize transactions for new vehicles that had been sold and were ready for delivery
  • Service and parts operations at multiple locations
  • Customer service and communications systems

While the exact number of affected customers was not disclosed, the breach exposed personal information of customers who had purchased vehicles or used service centers across Eagers' extensive dealer network.

Organisational Response

Eagers Automotive engaged external cybersecurity experts to investigate the incident and worked to restore affected systems. The company notified:

  • The Australian Cyber Security Centre (ACSC)
  • The New Zealand National Cyber Security Centre
  • Potentially affected customers
  • The Office of the Australian Information Commissioner

The company gradually restored systems and operations over several weeks following the attack. As a publicly listed company, Eagers faced scrutiny from investors and regulators about the incident's financial impact and the adequacy of its cybersecurity controls.

[extra.impact] affected_individuals = 0 individuals_note = "" data_volume_gb = 0 record_count = 0 financial_cost_total = 0 ransom_demanded = 0 ransom_paid = 0 estimated_remediation = 0 downtime_hours = 0 downtime_note = "" +++

Verification Source: View original statement