HQ/EMEAFind out how we can help your business
The LKQ Corporation, an American automobile parts company, revealed that one of its business units in Canada became a target of a hack.
Reports revealed that the incident allowed the threat actors to take data from the organisation. This affected entity is a publicly traded American corporation that sells automotive replacement parts, components, and car repair and maintenance services.
The corporation is currently home to at least 45,000 employees in 25 countries and operates under several names.
LKQ revealed on an 8-K filing that the cyberattack occurred in November.
LKQ filed a FORM 8-K with the SEC on November 13, stating that unauthorised individuals breached one of its business units in Canada and that the incident affected its business activities.
However, the company claimed that they immediately started taking steps to investigate, contain, and recover from the incident. Some preventive measures they executed were activating security incident response and recovery plans, partnering with external forensic investigators, and initiating containment measures for compromised systems.
In addition, it immediately notified the relevant law enforcement agencies about the attack. As of now, the company claims that it is in the middle of analysing the data impacted by the incident and will notify affected parties once it has grasped the full effect of the incident.
Still, the company’s operations within this business unit suffered disruption for a few weeks while its team tried to recover the affected systems. The firm believes that it has effectively contained the threat and that none of its other businesses suffered from the attack.
The American auto parts provider expects the incident to have no significant impact on its financials or operations for the rest of the fiscal year. LKQ said it would seek payment from its insurance carrier for the costs and expenses incurred because of the cyberattack.
LKQ advises that its containment efforts caused some interruption in the breached business unit for a few weeks but have since resumed operations. No known ransomware groups or other hackers have claimed responsibility for the cyberattack, but researchers believe that they might emerge depending on whether they have stolen significant information that can be used as leverage.
