Eagers Automotive halts trading in response to cyberattack

Eagers Automotive has announced it suffered a cyberattack and was forced to halt trading on the stock exchange as it evaluates the impact of the incident.

Eagers Automotive is the largest operator of car dealerships in Australia and New Zealand, with over 300 selling points for brands such as Toyota, BMW, Nissan, Mercedes-Benz, Audi, Ford, VW, and Honda. It also owns a large number of subsidiaries focused on second-hand sales.

The company employs 8,500 people, and in the first half of 2023, it reported revenues of AU$4.82 billion (USD$3.25 billion).

On December 27, 2023, Eagers Automotive announced it would have to halt all trading operations to manage disclosure obligations concerning the cybersecurity incident.

Today, a second announcement offered more insight regarding the situation, noting that the incident has impacted several of its systems across Australia and New Zealand.

"The outage is currently impacting our IT systems in some operating locations across Australia and New Zealand, but the full extent of the cyber incident cannot yet be ascertained," reads the media release.

"External experts have been appointed to support our response and an urgent investigation is underway."

Eagers Automotive notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Center of the incident.

Due to the size of the company and the type of its business, there's concern about the possibility of a data breach impacting many customers, potentially exposing sensitive financial information.

While the company expressed regret for inconveniencing customers and emphasized the importance of safeguarding customer and employee data, it did not explicitly address the possibility of a data leak in the media statement.

When writing this, no major ransomware groups assumed responsibility for an attack at Eagers Automotive.

Just yesterday, Yakult Australia confirmed that it is investigating a cyber-attack that occurred earlier this month following the leak of 95GB of allegedly stolen data by a new DragonForce ransomware group.

Last week, the Akira ransomware gang claimed an attack on Nissan Australia that the firm disclosed in early December, which is still under active remediation and investigation.

Multiple other large Australian businesses impacted by cyberattacks earlier this year include DP World, Pizza Hut Australia, Dymocks Booksellers, the University of Sydney, HWL Ebsworth, Latitude Financial, Fire Rescue Victoria, and the Queensland University of Technology.

Update 12/30 - The Lockbit ransomware gang claimed responsibility for the attack on Eagers Automotive, but the firm has still not confirmed the information.