New developments have emerged in the AutoCanada cybersecurity breach that occurred on August 11, 2024, as the ransomware group Hunters International has taken responsibility for the attack. The group claims to have exfiltrated a substantial amount of sensitive data and is threatening to publish it within 48 hours if their demands are not met.
The disclosure was made public on the cybercriminals' leak site often used to share stolen information. Hunters International alleges to have obtained over 1.4 terabytes of AutoCanada's internal data. This includes crucial financial documents, IT infrastructure information, accounting records, and HR data, affecting a wide range of stakeholders, including customers, employees, and suppliers.
Hunters International, a notorious ransomware group with a track record of targeting large corporations, alleges to have stolen the following from AutoCanada:
- Financial data: Income statements, balance sheets, cash flow documents, tax reports, and more.
- IT infrastructure: Detailed internal IT network diagrams, user manuals, software licenses, and security incident reports.
- HR records: Employee personal details, payroll data, performance reviews, and compliance documents.
- Accounting records: Audit trails, general ledger entries, and inventory valuations.
The size of the files reported—over 355,000 finance-related files, 94,000 IT documents, 788,000 accounting records, and 43,000 HR-related items—suggests a widespread breach of the company's systems. If this data is published, it could lead to severe reputational damage for AutoCanada, in addition to financial losses and potential legal ramifications for failing to protect sensitive data.
AutoCanada's response
As of the latest update, AutoCanada has not issued an official statement in response to this new claim from Hunters International. However, the company previously confirmed that they had engaged cybersecurity experts to contain the breach, secure their networks, and launch a full-scale investigation. Despite these efforts, it appears that the attackers were able to maintain access to critical systems long enough to exfiltrate sensitive data.
AutoCanada, based in Edmonton, Alberta, operates 84 franchised dealerships across North America and generates annual revenue exceeding $6 billion. Given its prominence in the automotive industry, the stakes are high, with the potential exposure of confidential business and client information further escalating the severity of the situation.
CyberInsider has contacted AutoCanada requesting a comment on Hunters International's allegations and asking if the firm has any evidence of customer data having been stolen, but we are still waiting for a response.
Individuals and businesses associated with AutoCanada — whether customers, suppliers, or employees — should monitor financial and personal accounts for unusual activity and report suspicious transactions, change passwords for any accounts linked to AutoCanada or its services, and enable multi-factor authentication (MFA) where possible. The release of data may trigger an uptick in phishing attacks, using stolen information to trick users into providing further details or gaining access to other accounts, so vigilance is recommended.
Temu and SAP Refute Claims of Data Breach Made on Hacker Forums
Leave a Reply