Hackers break into 10 car dealerships and steal customer and employee bank accounts, name, address and passport details

Card dealership Sandcliffe was targeted by a powerful cyberattack which could have compromised staff and customers’ personal information, including financial details. The attack would have occurred at the beginning of this year.

The dealership, which features 10 showrooms across multiple UK locations (Nottingham, Leicester and Loughborough) was targeted by a cybercriminals gang last February 2020, thanks to an unaware user who opened a link attached to a malicious email.

People affected by the incident are being alerted by Sandicliffe security staff to confirm that their personal data had been breached; it seems the incident also affected former employees. Among the details believed to have been stolen by the hackers are:

  • Full names
  • Dates of birth
  • Bank account numbers and sort codes
  • National Insurance numbers
  • Passport scans
  • Salary levels
  • Medical histories

It is worth mentioning that the compromised details vary for each affected person, depending on their role in the company or for how long they’ve been clients. The cyberattack has already been reported to the Information Commissioner’s Office (ICO), but no further action will be taken, as some sources have disclosed.

When asked about this incident, a cybersecurity consultant mentioned: “Cybercriminals have no preference in terms of sector, industry or type of data that could be breached, thus causing great concerns and inconvenient for affected organizations and users above all.”In this specific case, it is concerning the significant delay the company took to notify those who may have had their data stole, as time is essential to prevent further incidents”.

Users concerned about their data security status should contact Sandcliffe staff as soon as possible, as well as their banking institution service.