NZ Incident – Ransomware Attack, 28 February 2025

DragonForce Ransomware Targets Kiwi Car Dealership Tristram European

The attackers claim to have stolen over 30 gigabytes of sensitive data, including customer information and financial records.

Website: https://www.tristramauckland.co.nz/
Source: Kiwi car dealership Tristram European listed by DragonForce ransomware | Cyberdaily.au

View more incidents relating to the Automotive sector and incidents from New Zealand.

Summary: Auckland, New Zealand – Auckland-based car dealership Tristram European has been listed by the notorious DragonForce ransomware group. The dealership, known for its Volkswagen, SKODA, and MG vehicles, is the latest victim in a string of high-profile cyber attacks targeting businesses across the region.

Data Breach Details: DragonForce claims to have exfiltrated over 30 gigabytes of sensitive data from Tristram European, including customer information, financial records, and internal communications. The ransomware group has reportedly published a portion of the stolen data on their dark web portal, threatening to release more if their demands are not met1.

Impact on Operations: The breach has significantly disrupted Tristram European’s operations, with the dealership’s management confirming that they are working closely with cybersecurity experts to contain the incident and assess the full extent of the damage. “We are taking this matter very seriously and are committed to protecting our customers’ data,” a spokesperson for Tristram European stated.

Expert Insights: Cybersecurity experts warn that the automotive industry is becoming an increasingly attractive target for ransomware groups due to the vast amounts of data they handle. “Dealerships like Tristram European are prime targets because they store a wealth of personal and financial information,” said David Hollingworth, a cybersecurity analyst2.

Preventative Measures: In light of this incident, experts recommend that businesses in the automotive sector bolster their cybersecurity measures. This includes regular data backups, employee training on phishing attacks, and the implementation of advanced threat detection systems.

Ongoing Investigation: The New Zealand Police and cybersecurity agencies are currently investigating the breach. Authorities urge any customers who suspect their data may have been compromised to monitor their accounts for suspicious activity and report any concerns immediately.

Conclusion: As ransomware attacks continue to rise, it is crucial for businesses to stay vigilant and proactive in their cybersecurity efforts. The Tristram European incident serves as a stark reminder of the ever-present threat posed by cybercriminals and the importance of robust security protocols.