Conti ransomware attack on UK’s largest Ford dealer TrustFord

UK’s largest Ford dealer group TrustFord, which operates in over 60 sites across England and Northern Ireland, has been hit by a ransomware attack by the Conti, one of the most prolific and dangerous of the many criminal ransomware gangs.

In a statement, the vehicle dealer group confirmed it had suffered a “cyber incident” but said it remained to trade. The attack affected the internal IT systems, especially the access to the internet and phones within the business.

There is no impact on Ford Motor Company systems because Trust Ford operates as a stand-alone company, sharing no IT infrastructure with its parent company.

TrustFord has informed the appropriate regulatory authorities, and the Information Commissioner’s Office (ICO) is investigating the attack across Trust Ford branches throughout the UK with the help of third-party experts.

In a statement on the TrustFord website, the company assured customers that 65 sites in the UK and the Channel Islands remain open and trading. It can answer any customer inquiries, as usual, using the website inquiry forms or by phone.

Reportedly, the TrustFord cyber-attack dates from late last month, judging by a tweet to the company on 28 March, which asked if it had “no internet due to a Russian cyberattack.” TrustFord did not respond to the tweet.

The TrustFord cyber-attack is the latest known attack on a UK company, following the breach of KP Snacks in February 2022. UK’s discount book retailer The Works has also been the victim of a cyberattack, which led the retailer’s 520 stores to close, and stock deliveries were temporarily suspended.