Svoboda | Graniru | BBC Russia | Golosameriki | Facebook
88°F
weather icon Clear
Las Vegas, NV
Business

Source: Findlay operations nearly idled, losses mount from cyberattack; suit filed

This undated photo shows Findlay Chevrolet in southwest Las Vegas, one of the auto dealerships ...
This undated photo shows Findlay Chevrolet in southwest Las Vegas, one of the auto dealerships operated by Findlay Automotive Group. (Jerry Henkel/Las Vegas Review-Journal)
More Stories
A vacant lot across from the Wynn Las Vegas hotel-casino photographed on Thursday, Dec. 14, 201 ...
Wynn’s plans to build a third tower still alive
(File/Las Vegas Review-Journal)
‘A continued public danger:’ Solar company fined $460K, banned in Nevada
The Las Vegas Athletic Club at 2655 S. Maryland Parkway is seen Monday, May 20, 2024, in Las Ve ...
LVAC sues health district over lifeguard rule 4 months after woman drowns
The Sphere, seen on Tuesday, July 4, 2023. (L.E. Baskow/Las Vegas Review-Journal)
Another Sphere first with HPE convention’s keynote address
By / Las Vegas Review-Journal
June 14, 2024 - 9:41 am
 
Updated June 14, 2024 - 4:49 pm

Findlay Automotive Group is reportedly losing millions of dollars a day in revenue after it was hit by a ransomware attack earlier this week, a person familiar with the matter said.

It could take another week before the company can fix the issues, the person told the Las Vegas Review-Journal. It’s unclear if Findlay Automotive has paid any ransom.

Findlay Automotive has scaled back operations at its 33 dealerships and only has a few employees working at each one in case customers show up, the person said. Most employees aren’t working since most sales and service operations have been impacted by the attack.

Duke Zamora of Las Vegas said he bought a 2024 Chevrolet Trax from Findlay Chevrolet last year and called the dealership several times this week to try to get service. He said he was told that the computer systems were down and they couldn’t help him. Zamora, who isn’t involved in the lawsuit, said he had to go to another dealership for the service.

Days after the Las Vegas-based automotive group was hit by the cyberattack it’s already facing a class-action lawsuit claiming it failed to properly protect sensitive customer information in the wake of a cyberattack against the company.

Facing class-action lawsuit

The lawsuit, filed Wednesday in Clark County District Court, says that, since Findlay Automotive was the victim of a cyber attack, it could have compromised customer information that could fall into the hands of bad actors. Customer information that Findlay Automotive could have exposed includes names, addresses, Social Security numbers, insurance policy numbers, credit and debit card numbers, and other financial information needed to sell, buy or lease a vehicle, the suit says.

Findlay Automotive didn’t immediately respond to a request for comment.

The plaintiffs in the initial filing are listed as Karen Smith and Pholisith Bouphapraseuth and are represented by the Stranch, Jennings & Garvey law firm.

“Plaintiffs make the following allegations on information and belief, except as to their own actions, which are made on personal knowledge, the investigation of counsel, and the facts that are a matter of public record,” the lawsuit said.

The plaintiffs want Findlay Automotive to delete all sensitive customer information from its system, pay for any expenses over the lifetime of the plaintiffs related to the fallout of this information getting into the wrong hands, and implement additional cybersecurity measures in the future.

The lawsuit also stated that Findlay Automotive hasn’t notified the plaintiffs on whether their information has been compromised.

Background on incident

Findlay Automotive shared a statement on Monday saying it was dealing with a “cybersecurity issue” that impacted its sales and services department.

“Promptly after becoming aware of the issue, we launched an investigation with the assistance of leading cybersecurity experts and law enforcement,” the statement said. “Our investigation is ongoing, and we are working diligently to resolve the matter.”

The Metropolitan Police Department referred the Review-Journal to the Federal Bureau of Investigation when asked about an investigation into the cyberattack. The FBI said its standard practice is to neither confirm nor deny the existence of an investigation.

How dealerships view cybersecurity

Cybersecurity is an issue auto dealers in Nevada and the U.S. have been worried about for years since every dealership relies on technology to operate, said Andrew MacKay, executive director of the Nevada Franchised Auto Dealers Association. He estimates that Nevada auto dealers spend “millions of millions” of dollars every year on cybersecurity efforts, from employee training, to upgrading a dealership’s hardware and software and other IT components.

MacKay couldn’t comment on Findlay Automotive’s situation or the class-action lawsuit, but said dealerships are reliant on computers and technology to complete sales and service appointments, communicate with car manufacturers and notify customers of important safety information related to their vehicle.

“You have to have technology, end of story,” he said.

Contact Sean Hemmersmeier at [email protected]. Follow @seanhemmers34 on X.

Don't miss the big stories. Like us on Facebook.
THE LATEST
MORE STORIES
recommend 1
Cybersecurity attack impacts sales, service at Nevada automotive group
recommend 2
Findlay Automotive supports Signs of Hope
recommend 3
Findlay donates to local theater company
recommend 4
Could health rule change shut down pools at some Las Vegas gyms?
recommend 5
‘It’s too soon’: Regents critical over UNLV’s leasing plan for land near Strip
recommend 6
99 Cents Only stores are closing. What happens to them next?