Findlay Automotive Group, a prominent dealership network with operations spanning Nevada, Utah, Arizona, Washington, and Idaho, recently identified a cybersecurity issue impacting certain areas of its IT infrastructure. Upon discovery, the company swiftly launched an investigation, joining the expertise of leading cybersecurity professionals and collaborating with law enforcement agencies to address the Findlay Automotive cybersecurity issue. While the investigation is ongoing, Findlay Automotive is actively working to mitigate the issue and restore full operational capabilities. However, no details related to the data compromised and the extent of the data breach have been provided by the Officials of Findlay Automotive Group. “Promptly after becoming aware of the issue, we launched an investigation with the assistance of leading cybersecurity experts and law enforcement. Our investigation is ongoing, and we are working diligently to resolve the matter,” reads the company’s statement on Facebook. [caption id="attachment_76709" align="aligncenter" width="760"] Source: Findlay Automotive's Facebook Post[/caption]

Operational Impact of Findlay Automotive Cybersecurity Issue

Despite the restrictions imposed by the Findlay Automotive cybersecurity issue, all dealership locations remain open. Customers with vehicles currently in service are encouraged to visit or contact their respective service departments directly for assistance from Findlay’s dedicated staff. "At Findlay Automotive, we have been serving our communities with pride and integrity since 1961," reads the company’s Facebook Post. "We take our responsibility to our customers and the community very seriously. We will continue to provide updates as the investigation continues and more information becomes available.” The urgency and gravity of the situation are highlighted by recent trends in cybersecurity, particularly the rising threat of ransomware attacks in the industrial sector.

Rising Cyber Threats in the Industrial Sector

In 2019, industrial companies faced significant financial burdens due to ransomware, collectively paying out $6.9 million, which accounted for 62% of the total $11 million spent on ransomware that year. Despite representing only 18% of ransomware cases, the manufacturing sector bore the brunt of the financial impact. By 2020, the cross-industry cost of ransomware had escalated to a staggering $20 billion. Gartner, a research firm, has projected that by 2023, the financial repercussions of cyberattacks on industrial systems, including potential fatal casualties, could exceed $50 billion. The automotive sector, in particular, has become a prime target for cybercriminals. As these threats intensify, paying ransoms become increasingly weak, emphasizing the necessity of enhanced cybersecurity measures to protect assets. The recent Volkswagen incident exemplifies the magnitude of these threats. In April 2024, Volkswagen faced a cyberattack, suspected to originate from Chinese hackers. The breach exposed sensitive data, including development plans for gasoline engines and critical information on e-mobility initiatives. Investigations by ZDF Frontal and “Der Spiegel” revealed more than 40 internal documents, highlighting the severity of the cyberattack. Similarly, in February 2024, Thyssenkrupp's automotive unit in Duisburg, Germany, experienced a cyberattack that disrupted production in its car parts division. Although no data theft or manipulation was detected, the company had to take several systems offline to prevent further unauthorized access, underlining the operational risks posed by such cyber incidents. Closer to home, Eagers Automotive Limited faced a cyber incident on December 27, 2023, leading to a temporary trading halt to address its continuous disclosure obligations. The company issued an apology to its customers for the inconvenience caused by the disruption, reflecting the broad and often immediate impact of cyberattacks on automotive businesses. Findlay Automotive’s proactive response to the current cybersecurity issue demonstrates its commitment to safeguarding its operations and customer trust. The company is maintaining open lines of communication with customers, providing regular updates as the investigation progresses and more information becomes available.