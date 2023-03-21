It’s official: Ferrari is under attack by computer pirates and received a ransom note related to some contact details of its customers. “Upon receiving this request, we immediately launched an investigation in cooperation with a world-leading cybersecurity company. Furthermore, we have informed the relevant authorities and we are certain that they will do everything in their power in carrying out the investigations – reads a note from Ferrari – In line with its company policy, Ferrari will not accept any ransom requests as agreeing to such requests would finance criminal activities and allow perpetrators of threats to perpetuate their attacks”.

Ferrari makes it known again that, “in the belief that the best course of action is to inform our customers, we have notified our customers of the potential exposure of their data and the nature of the event”. “Ferrari takes the issue of customer confidentiality very seriously and understands the importance of what happened. We’ve partnered with experts to further strengthen our systems, of whose solidity we are confident. We can also confirm that the breach had no impact on our company’s operations,” the statement concludes.

But that is not all. Benedetto Vigna himself, CEO of Ferrari, wrote directly to the customers. Here is the letter

Dear Ferrarista,

We regret to inform you of a cyber incident at Ferrari, where a threat actor was able to access a limited number of systems in our IT environment. As part of this incident, certain data relating to our clients was exposed including names, addresses, email addresses and telephone numbers. Your data may have been included as part of this incident. However, based on our investigation, no payment details and/or bank account numbers and/or other sensitive payment information, nor details of Ferrari cars owned or ordered have been stolen.

We were recently contacted by a threat actor with a ransom demand related to such customer data. As a policy, Ferrari will not be held to ransom as paying such demands continues to fund criminal activity and enables threat actors to perpetuate their attacks. Moreover, it does not fundamentally change the data exposure.

Upon receipt of the ransom demand, we started an investigation in collaboration with a leading global third-party forensics firm and have confirmed the data’s authenticity. In addition, we informed the relevant authorities and are confident they will investigate to the full extent of the law.

We have worked with third party experts to further reinforce our systems and are confident in their resilience. We can also confirm the breach has had no impact on the operational functions of our company.

We take the confidentiality of our clients seriously and understand the significance of this incident and for this reason we have notified you promptly. If you would like to contact Ferrari for additional information, please email us at [email protected] or [email protected] where a team will be able to assist you.

We would like to take this opportunity to sincerely apologize for this event and rest assured we will do everything in our power to regain your trust.

Yours sincerely,

Benedict Vigna

Chief Executive Officer