BMW has stated that a ransomware attack claimed by criminal hackers only impacted a local dealership in France.
The Play ransomware group claimed that it attacked “BMW France” on its leak site on Tuesday. However, BMW spokesperson said that there was no evidence that the attack had penetrated the company at large.
BMW experts have been monitoring the situation and have not identified any intrusion within BMW Group or BMW France systems.
The Play group has been in the news recently for causing damaging attacks on the cities of Oakland and Antwerp. In January, the group took credit for an attack on Arnold Clark, one of the UK’s largest car dealerships. When the car dealership refused to pay a ransom, the gang leaked National Insurance numbers, passport data, alongside addresses and phone numbers. The group also published bank statements and car finance documents for customers of the Glasgow-based business.
In February 2022, ransomware actors from the now-defunct Hive group also attacked Emil Frey, one of Europe’s largest car dealers. The Play ransomware group first emerged in July 2022, targeting government entities in Latin America, according to Trend Micro.
The rise of ransomware groups such as Play and Hive has caused many companies and organizations to be on high alert and take steps to secure their systems against such attacks. BMW is yet to confirm if it paid any ransom to the attackers.
