{
	"id": "1036b75a-dd6f-4dab-a23f-a7d3e7a9e628",
	"created_at": "2026-04-06T00:13:26.662202Z",
	"updated_at": "2026-04-10T03:20:38.420854Z",
	"deleted_at": null,
	"sha1_hash": "bf6552284a17fbc3fb9aa62e64eae7a843e5b7a1",
	"title": "Pendragon car dealer refuses $60 million LockBit ransomware demand",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1825435,
	"plain_text": "Pendragon car dealer refuses $60 million LockBit ransomware demand\r\nBy Bill Toulas\r\nPublished: 2022-10-24 · Archived: 2026-04-05 18:14:00 UTC\r\nPendragon Group, with more than 200 car dealerships in the U.K., was breached in a cyberattack from the LockBit\r\nransomware gang, who allegedly demanded $60 million to decrypt files and not leak them.\r\nPendragon owns CarStore, Evans Halshaw, and Stratstone luxury car retailer, that sell brands cars for all budgets, from\r\nJaguar, Porsche, Ferrari, Mercedes-Benz, BMW, Land Rover, or Aston Martin, to Renault, Ford, Hyundai, Nissan, Peugeot,\r\nVauxhall, Citroen, DS, Dacia, and DAF.\r\nPendragon did not provide many details about the security incident and limited the information to saying that there is no\r\nimpact on operations.\r\nhttps://www.bleepingcomputer.com/news/security/pendragon-car-dealer-refuses-60-million-lockbit-ransomware-demand/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/pendragon-car-dealer-refuses-60-million-lockbit-ransomware-demand/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\n\"We have identified suspicious activity on part of our IT systems and have confirmed we experienced an IT security\r\nincident,\" Pendragon says in the security announcement.\r\n\"This has not affected our ability to operate, and we continue to service our customers and communities as normal\" -\r\nPendragon\r\nHowever, in an interview for The Times publication on Friday, the company chief marketing officer, Kim Costello, pointed\r\nto LockBit rasnsomware gang as the culprit and said that the attack happened about a month ago.\r\nAccording to Costello, the company has been in contact with the hackers and received stolen files as proof of the breach but\r\ndid not engage in negotiations.\r\nThe hackers asked for \"tens of millions of dollars before a deadline\" under the threat of publishing stolen data, Costello\r\nadded. According to the U.K. publication, the LockBit asked for a $60 million ransom.\r\nThe company spokesperson said that Pendragon stands firm on its decision to not pay the hackers.\r\nAfter discovering the attack, Pendragon reported the incident to law enforcement in the U.K. as well as to the country's data\r\nprotection office.\r\nPendragon's spokesperson also clarified that the company's IT team reacted immediately to the attack. Results from the\r\ninvestigation showed that the hackers stole only 5% of the database.\r\nBleepingComputer contacted the company for more info about the stolen data and the impact it would have if the hackers\r\nleak it but received no response at publishing time.\r\nLockBit's attack on Pendragon comes around the time the U.K. car dealer received a takeover offer of £400 million from the\r\nSweden-based Hedin Mobility Group.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nhttps://www.bleepingcomputer.com/news/security/pendragon-car-dealer-refuses-60-million-lockbit-ransomware-demand/\r\nPage 3 of 4\n\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/pendragon-car-dealer-refuses-60-million-lockbit-ransomware-demand/\r\nhttps://www.bleepingcomputer.com/news/security/pendragon-car-dealer-refuses-60-million-lockbit-ransomware-demand/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/pendragon-car-dealer-refuses-60-million-lockbit-ransomware-demand/"
	],
	"report_names": [
		"pendragon-car-dealer-refuses-60-million-lockbit-ransomware-demand"
	],
	"threat_actors": [],
	"ts_created_at": 1775434406,
	"ts_updated_at": 1775791238,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/bf6552284a17fbc3fb9aa62e64eae7a843e5b7a1.pdf",
		"text": "https://archive.orkl.eu/bf6552284a17fbc3fb9aa62e64eae7a843e5b7a1.txt",
		"img": "https://archive.orkl.eu/bf6552284a17fbc3fb9aa62e64eae7a843e5b7a1.jpg"
	}
}