Europe's biggest car dealer hit with ransomware attack

Emil Frey confirmed that the ransomware attack took place in January.
Written by Jonathan Greig, Contributor

One of Europe's biggest car dealers, Emil Frey, was hit with a ransomware attack last month, according to a statement from the company. 

The Swiss company showed up on the list of victims for the Hive ransomware on February 1 and confirmed that they were attacked in January. 

"We have restored and restarted our commercial activity already days after the incident on January 11, 2022," a spokesperson said, declining to answer more questions about whether customer information was accessed. 

The company -- which has about 3,000 employees -- generated $3.29 billion in sales in 2020 thanks to a variety of automobile-related businesses. It was ranked as the number 1 car dealership in Europe based on revenue and the total number of vehicles for sale. 

The FBI spotlighted the Hive ransomware group in August 2021 after their members attacked dozens of healthcare organizations last year. 

In 2021, Hive attacked at least 28 healthcare organizations, including Memorial Health System, which was hit with a ransomware attack on August 15

The FBI alert explains how the ransomware corrupts systems and backups before directing victims to a link to the group's "sales department" that can be accessed through a TOR browser. The link brings victims to a live chat with the people behind the attack, but the FBI noted that some victims have even been called by the attackers demanding ransoms. 

Most victims face a payment deadline ranging between two and six days, but others were able to extend their deadlines through negotiation. 

On Wednesday, the FBI, National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA), the UK's National Cyber Security Centre (NCSC), and the Australian Cyber Security Centre (ACSC) released a warning indicating that a growing wave of increasingly sophisticated ransomware attacks poses a threat to critical infrastructure and organizations around the world.

"We live at a time when every government, every business, every person must focus on the threat of ransomware and take action to mitigate the risk of becoming a victim," said CISA Director Jen Easterly. 

Editorial standards