Another lawsuit has been filed against Findlay Automotive Group following a ransomware attack that targeted the car dealership network. The lawsuit, brought by customer Susan Stevens, alleges that Findlay Automotive failed to adequately safeguard customers’ information, potentially exposing it to malicious actors who could misuse it for financial or identity theft purposes.
Stevens, who purchased a vehicle from Findlay Automotive in 2023, claims that her privacy was violated due to the potential exposure of sensitive personal information. This recent lawsuit, filed in Clark County District Court, is the second class-action suit against Findlay Automotive, with both cases being represented by the Stranch, Jennings & Garvey law firm.
The plaintiffs in these lawsuits are seeking compensation for any expenses incurred by customers as a result of the data breach and are demanding that Findlay Automotive enhance its cybersecurity measures to prevent future attacks. Additionally, the lawsuits criticize the company for failing to provide timely and accurate information about the ransomware incident and its impact on customers.
Findlay Automotive initially reported system disruptions on June 10 but has not shared further details about the cyberattack since then. The attack has disrupted the dealership’s service appointments and vehicle sales operations. Despite these developments, Findlay Automotive has not responded to requests for comments on the lawsuits.
Greg Moody, the director of UNLV’s cybersecurity program, highlighted the attractiveness of automotive companies like Findlay Automotive to cybercriminals due to the wealth of customer data they possess. He emphasized that attackers are constantly seeking lucrative targets and that organizations holding significant customer information are prime targets for ransomware attacks.
In addition to Findlay Automotive, CDK Global, a software provider for over 15,000 car dealerships, has also experienced cyberattacks leading to operational disruptions. While CDK works on restoring its services, dealerships affiliated with major automakers such as Stellantis, Ford, and BMW have resorted to manual processes to continue their sales operations in the interim.
The cyberattacks on Findlay Automotive and CDK Global underscore the growing threat of ransomware incidents targeting the automotive industry. As companies strive to enhance their cybersecurity defenses, customers are advised to remain vigilant about potential data breaches and take proactive measures to protect their personal information.
For further inquiries, contact Sean Hemmersmeier at shemmersmeier@reviewjournal.com or follow @seanhemmers34 on X. The Associated Press contributed to this report.
