Related Articles
Customers are being contacted and given advice
The personal data of some UK Renault customers has been stolen by hackers following the latest in a series of major cyber attacks on global businesses. Renault Group UK emailed drivers to confirm that a third-party data processing business used by the car firm was targeted by hackers.
As a result, “some customers’ personal data has been taken from one of their systems”, Renault said. It is has been reported that some owners and customers of Dacia vehicles, which are also made by Renault, have also been affected.
The company stressed that no financial data, such as bank account details, or password data was compromised in the attack. But it said data accessed in the hack included some or all of: customer names, addresses, dates of birth, gender, phone number, vehicle identification numbers and vehicle registration details.
Renault did not disclose how many customers were affected by the incident. It added that no direct Renault Group UK systems were compromised.
Advice to customers
A spokesman for Renault UK said: “We are in the process of contacting all affected customers, advising them of the cyber attack and reminding them to be cautious of any unsolicited requests for personal information.
“Concerned customers should consult https://www.renault.co.uk/data-privacy.html or contact our data protection officer at dataprivacy@renault.co.uk.
“We wish to apologise to all affected customers. Data privacy is of the upmost importance to us and we deeply regret that this has occurred.”
It comes as rival Jaguar Land Rover (JLR) continues to deal with the damaging fallout of a major cyber attack which caused the UK’s largest car manufacturer to halt production. Earlier this week, JLR said it expects to restart some production within “the coming days”, a month after the hack led to its factory shutdown.
A raft of other businesses have also been hit by major cyber attacks in recent months, including beer giant Asahi, high street retailer Marks & Spencer and nursery group Kido Schools.
Mike Beevor, chief technology officer at IT services provider Principle Networks, said: “One thing that seems consistent in the reporting and analysis of recent breaches is the involvement, whether directly or indirectly, of the supply chain and third-party connections and connectivity into the breached environments.
“Often, the access of these third parties is controlled and managed by the originating party, which is where the issues begin. Simply put, those third parties are NOT subject to your cybersecurity controls, security posture, identity management, and policies.
Taking back control of those inbound connections, applying the same zero trust principles that you apply to your own users and enforcing least privilege access with a strong identity strategy is the foundation on which you can begin to decrease these attacks, and if not the elimination of breaches, then at least you can minimise the blast radius and damage caused.”
Source link
