AutoCanada reports ransomware attack, possible data breach
Learn More
AutoCanada, a car dealership company, is warning that employee data may have been compromised following a ransomware attack in August 2024, attributed to the Hunters International ransomware gang.
The cyberattack occurred in mid-August and forced AutoCanada to take several internal IT systems offline as a containment measure, leading to operational disruptions. Its 66 dealerships continued business, though some customer services were delayed. AutoCanada has implemented several mitigating measures since the attack, including isolating affected systems from the main network, disrupting the encryption process, disabling compromised accounts, and resetting admin passwords. The company is also conducting comprehensive security audits, installing threat detection systems, revising security policies, and providing cybersecurity training to employees.
On September 17, 2024, Hunters International claimed responsibility for the attack, publishing terabytes of data they claimed to have stolen from AutoCanada. The leaked data allegedly includes:
- Full names
- Addresses
- Dates of birth
- Payroll information (including salaries and bonuses)
- Social Insurance Numbers (SIN)
- Bank account numbers used for direct deposits
- Scans of government-issued identification documents
- Personal documents stored on work computers or connected drives
The number of affected individuals is not disclosed.
Although AutoCanada initially stated that personal data "may" have been compromised, independent security researchers confirmed that employee data had indeed been leaked. In response, AutoCanada is offering three years of free identity theft protection and credit monitoring through Equifax, with an enrollment deadline of January 31, 2025.
