{"id":92793,"date":"2023-06-13T10:45:00","date_gmt":"2023-06-13T10:45:00","guid":{"rendered":"https:\/\/cloudnewshub.com\/?p=92793"},"modified":"2023-06-13T10:45:00","modified_gmt":"2023-06-13T10:45:00","slug":"arnold-clark-data-leak-victims-prepare-legal-action","status":"publish","type":"post","link":"https:\/\/cloudnewshub.com\/?p=92793","title":{"rendered":"Arnold Clark data leak victims prepare legal action"},"content":{"rendered":"
<\/div>\n

Thousands of people whose personal data was exfiltrated and publicly leaked by the Play ransomware gang following a cyber attack on the systems of nationwide car dealer network Arnold Clark<\/a> in 2022 are now coming forward to participate in what may become one of the largest group action law suits yet seen in the UK.<\/p>\n

The incident began on 23 December 2022<\/a>, and its initial impact saw Arnold Clark dealers forced to resort to pen and paper to record transactions, while hundreds of people who had been hoping to collect their new cars were left temporarily disappointed.<\/p>\n

The Glasgow-based firm, which is one of the UK\u2019s largest and longest-established family-owned car dealers, initially said that its customers\u2019 data was safe.<\/p>\n

However, on 22 January 2023, the Mail on Sunday<\/em> revealed<\/a> that this was not the case after a 15GB tranche of data was leaked on the dark web by Play<\/a>.<\/p>\n

This data included customer photo identification, passport data, banking data, dates of birth and home addresses, among other things.<\/p>\n

Shortly afterwards, Arnold Clark acknowledged that it had been the victim of data exfiltration<\/a>, and at the end of January 2023, the organisation began the process of sending notifications to its customers in staggered batches.<\/p>\n

A few weeks later, in mid-February, a further 30GB of data was posted, followed by the full data dump, totaling almost 470GB, at the end of March.<\/p>\n

The action is being spearheaded by Keller Postman<\/a>, a law firm that specialises in helping cyber incident victims get redress \u2013 although other actions are in progress.<\/p>\n

Connor Hewitt, who works in the cyber security sector, is among those to have joined Keller Postman\u2019s group action as a client.<\/p>\n

Hewitt bought a car from Arnold Clark a few years ago and as part of the sale provided extensive personally identifiable information (PII) to the car dealership to enable it to conduct due diligence and credit checks. He was informed that his data had been leaked in mid-February, a few weeks after the Mail on Sunday<\/i> broke the story.<\/p>\n

\u201cI remember getting the notification \u2013 I was in the gym and I remember the email popping up,\u201d said Hewitt. \u201cIt basically said we believe your data was included in a data breach.\u201d<\/p>\n

Hewitt was only mildly concerned at this stage, as the Mail\u2019s <\/i>story generated some discussion within a work-based group chat of which he is a member. The group shares breach information to help him and his colleagues have more informed conversations about cyber security with their customers.<\/p>\n

\u201cObviously that article came out and the first thing that came into my head was, \u2018I bought a car from them, I wonder if my information is part of that breach.\u2019 And then\u2026I got the email to say my information was part of that,\u201d he said.<\/p>\n

Hewitt says he has seen multiple fraud attempts being made against him since then. \u201cIt\u2019s not been too bad because I can spot them quite easily based on the work I do \u2013 I do phishing training all the time with customers,\u201d he said.<\/p>\n

\u201cThere have been spikes in…the likes of Instagram, direct messages with links, spikes in Facebook friend requests \u2013 again, slightly dodgy ones. There have been 30, maybe pushing 40, credit checks done against me. I\u2019ve had text messages off companies trying to say, \u2018You\u2019ve got parcels being delivered, please check this parcel\u201d, and all that kind of stuff. Sometimes that happens when you have ordered something, as well.\u201d<\/p>\n

Many of these fraud attempts were extremely crude and easily spotted, but many have been quite sophisticated, and Hewitt said he was keenly aware that thousands of less technology-savvy people caught up in the incident have not been so lucky.<\/p>\n

Indeed, Arnold Clark-linked frauds are now popping up all over the UK, said Keller Postman associate solicitor Bill Singer.<\/p>\n

\u201cNumerous clients have uncovered evidence of identity theft, for example, unauthorised credit checks, sometimes dozens a day. Other clients have actually reported fraud going through,\u201d said Singer.<\/p>\n

\u201cHuge numbers of them are experiencing an elevated level of fraud attempts, a whole variety of phishing, social media messages, text messages. Lots have had cold calls as well \u2013 for example, bogus calls from their bank\u2019s fraud department. They are seeing a wide variety of cyber criminal activity.\u201d<\/p>\n

Singer said it was not possible to put a figure on what the average loss per claimant might be, but in instances where frauds have been successful, they have ranged in value from Direct Debits for a few pounds being set up on victims\u2019 bank accounts, to attempts to obtain high value items and services, many of which have been successful.<\/p>\n

One claimant, somewhat ironically, found that their identity had been stolen when a letter arrived at their house from a Volkswagen dealer, congratulating them on the purchase of a \u00a338,000 Golf, which was most assuredly not parked on their driveway.<\/p>\n

\u201cWhether the fraud is small or large it has the same consequences,\u201d said Singer. \u201cYou still need to get your money back. You still need to spend extra time protecting yourself against future frauds. You might have an impacted credit score \u2013 I have clients who have been refused credit on new cars due to all of these identity theft attempts.\u201d<\/p>\n

Those affected are being urged to come forward to join more than 10,000 people who have already signed up as potential claimants. More details can be found on Keller Postman\u2019s website<\/a>.<\/p>\n

Singer told Computer Weekly the case against Arnold Clark is still in the evidence-gathering phase prior to potential court proceedings, but the solicitors have alleged liability and put forward their claim to Arnold Clark. They are currently waiting on its response.<\/p>\n

Keller Postman and its clients are also awaiting the outcome of the Information Commissioner’s Office\u2019s (ICO\u2019s) investigation into whether or not Arnold Clark has breached any of its statutory obligations under the General Data Protection Regulation (GDPR).<\/p>\n

\u201cWe will be keenly awaiting the outcome of the ICO investigation. We [also] know the ICO is investigating at least one complaint from Arnold Clark customers who have been dissatisfied with the [response to the] data breach,\u201d said Singer.<\/p>\n

\u201cThe ICO has very heavy fining powers [and] we would expect a broad fine if any breaches are upheld, but what they can\u2019t do is award any compensation to individual customers who complain.\u201d<\/p>\n

For Hewitt, the ideal outcome would be for Arnold Clark to admit and accept liability over the breach, but also to fairly compensate those affected.<\/p>\n

\u201cAlthough I\u2019m in a position where I can see the threats as they are\u2026there will be people who will fall for phishing as people do. It can be scary for a lot of people who will see them and not really understand what\u2019s happening,\u201d he said.<\/p>\n

Singer added: \u201cThe whole essence of the case is that Arnold Clark could and should have done more.\u201d<\/p>\n

Computer Weekly contacted Arnold Clark\u2019s press office for comment on the ongoing investigation, but the organisation had not responded at the time of publication.<\/p>\n","protected":false},"excerpt":{"rendered":"

Thousands of people whose personal data was exfiltrated and publicly leaked by the Play ransomware gang following a cyber attack on the systems of nationwide car dealer network Arnold Clark in 2022 are now coming forward to participate in what may become one of the largest group action law suits yet seen in the UK. […]<\/p>\n","protected":false},"author":1,"featured_media":92794,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[533],"tags":[],"class_list":["post-92793","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it"],"_links":{"self":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/92793","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=92793"}],"version-history":[{"count":0,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/92793\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/media\/92794"}],"wp:attachment":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=92793"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=92793"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=92793"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}