Cybercriminals hacked the personal details of Arnold Clark customers.
If your data has been put at risk in this data breach, you may be able to claim compensation.
Use our instant eligibility checker to see if you may have a claim.
Rated 4.9 out of 5
in
Click Below to Get Started
Keller Postman UK — As of September 2023
Customers of Arnold Clark may have had their personal information exposed following a data hack. The breach happened after hackers broke into the car dealer’s systems. The cybercriminals then demanded a multi-million-pound ransom and threatened to upload customer information to the dark web if they were not paid.
Tens of thousands of people are thought to be at risk.
According to various media reports, the stolen data includes:
Bank account and sort code details may also have also been stolen.
The cybercriminals released an initial 15 gigabytes of sensitive data on 17 January 2023. A further 30 gigabytes of data was posted on the dark web on 14 February 2023, and on 31 March 2023, our data security experts discovered another 475 gigabytes of data on the dark web.
Keller Postman UK has launched an investigation to find out what happened and how this breach affects Arnold Clark customers. We believe that failures to adopt standard security measures may have made this attack easier.
Keller Postman UK has launched an investigation and group action to find out what happened and how this breach affects Arnold Clark customers. They believe that failures to adopt standard security measures may have made this attack easier.
The data breach group action will help affected customers in England & Wales claim compensation for the security failures. We currently represent in excess of 7,500 customers and are helping them to seek information and redress.
If you are an Arnold Clark customer, register below to join our action and receive updates on our investigation.
You can check your eligibility instantly by completing the questions in our online eligibility checker.
The team at Keller Postman UK includes some of the most skilled lawyers in England and Wales. Representing individual claimants and group action cases, their team has the experience, diligence and means to fight your corner and win.
Boasting an experienced multi-claimant legal team, their lawyers include leading litigators from England & Wales. And they are never afraid of a fight and are ready to take on large, deep-pocketed defendants that other law firms shy away from.
Used to winning for clients against well-funded corporations, they have all the resources and expertise necessary to take on complicated cases. This is advantageous when it comes to taking on big corporations in complex multi-claimant and group actions.
Ultimately, they act for clients who deserve to win, and they do everything they can to ensure that they do.
Arnold Clark experienced a cyber security incident on 23rd December 2022. It was issued with a multimillion-pound ransom demand from the Play ransomware cartel. A 15GB tranche of stolen customer data was allegedly shared on the dark web, with another, much larger upload threatened if the cryptocurrency ransom was not paid.
The cybercriminals then carried out their threat and released another 30 gigabytes of data on the dark web.
The list of potentially compromised data includes customer:
On 3 January 2023, 11 days after the cyberattack, Arnold Clark said:
“Late on the evening of 23rd December, the Group was notified by our external cyber security consultants of suspicious traffic on our network. Once we confirmed this internally with our own Cyber team, we made the decision to bring down our network voluntarily as a purely protective measure, which has resulted in us cutting connectivity to the internet, our dealerships and our third-party connections.
“Our priority has been to protect our customers’ data, our systems and our third-party partners. While this has been acheived, this action has caused temporary disruption to our business and unfortunately our customers.
“Our external security partners have now been performing an extensive review of our whole IT network and infrastructure, which is a mammoth task, and they are providing guidance to our IT team on the re-enabling of our network and systems in a safe, secure and phased manner.
“Our showrooms and branches are open and will be able to assist our customers using our temporary systems until we have been able to restore our full systems safely. We expect to resume customer vehicle collections later this week and our branches are contacting customers to arrange this.
“Once again, we would like to thank our customers for their understanding and to apologise for any inconvenience this has caused.”
On 28 January 2023, Arnold Clark released a further statement about the attack. In this, the company appeared to admit that, while its IT systems were capable of being set up so that they were not vulnerable to external attacks (a segregated environment), work to achieve this had only just begun.
The volume of data at risk leads us to believe that any customer of Arnold Clark in the last ten years has a high probability of their information being accessed.
Arnold Clark is writing to all affected and potentially affected customers and will continue that communication as its investigation progresses.
If you live in England or Wales and you are involved in this breach, you may be able to join our no-win, no-fee compensation claim. There are no costs to register and no obligation to proceed.
A group action claim is where a group of people – sometimes even thousands of people – have been affected by the same issue. Group action cases are also known as class actions, multi-claimant, or multi-party actions.
There are no costs to join a claim. However, if your claim is successful, you may have to pay a ‘success fee’. This fee is taken from the compensation awarded to you. At Keller Postman UK, our success fee is competitive, and we make sure you are fully informed about any potential costs before you officially join our action. If you lose, you won’t have to pay a penny.
If you have been affected by the Arnold Clark data breach, Keller Postman UK can help you make a no-win, no-fee claim for compensation.
Use our instant eligibility checker to see if you may have a claim.
As an experienced and professional claims management firm, Blue Panda Finance Ltd charges a fee for our services. We operate on a no win no fee basis. This means that if we are not successful in recovering any money for you, we do not charge you a fee. We also do not charge cancellation fees, unless you have cancelled within ten days of your offer being received.
Should we be successful with your claim, our fee is 30% plus VAT of the total money recovered.
These are typically deducted from the money you are awarded. Should you receive payment directly or it is added to your pension, your fee will still be payable.
Fees: Examples only - these are not estimates and not examples of what you will get.
Compensation Amount | Fee (inc VAT) | Amount Sent To Customer |
|---|---|---|
£1,000 | £360 | £640 |
£3,000 | £1,080 | £1,920 |
£10,000 | £3,600 | £6,400 |
“Thank you for the great service and outcome after losing my pension in Ethical Forestry”
“Thank you very much, it was quick & easy, whilst being kept informed at all times, a great result. It has put my life back on track”
“Thank you so much for helping me recover compensation for my lost pension. I still can’t believe that I received an offer of £50,000 in just over 8 weeks!”
This content is sponsored by Keller Postman UK, a company registered in England and Wales with registration number 11937792 and registered office at 81 Chancery Lane, London, WC2A 1DD. They are authorised and regulated by the Solicitors Regulation Authority with registration number 661050.
