Auto elements large LKQ Company revealed that considered one of its enterprise items in Canada was hacked, permitting menace actors to steal firm knowledge.
LKQ is an American public firm specializing in car elements, elements, and restore and upkeep providers. The corporate has 45,000 staff in 25 international locations and operates quite a few manufacturers, together with Keystone, Tri Star and ADL.
In a Kind 8-Okay submitting filed late Friday with the SEC, the corporate says considered one of its enterprise items in Canada was breached on Nov. 13, disrupting enterprise operations.
“On November 13, 2024, LKQ Company (the “Firm” or “we”) detected unauthorized entry to the knowledge know-how (IT) programs of a single enterprise unit in Canada (“Enterprise Unit”). The assault disrupted the operations of the Enterprise Unit,” reads the report. Submission of Kind LKQ 8-Okay.
“Upon discovery, we instantly started taking steps to analyze, include, and get better from the incident, together with activating our safety incident response and restoration plans, partnering with industry-leading forensic investigators, and initiating containment measures for affected programs. “We additionally instantly notified legislation enforcement authorities. We’re analyzing the info affected by the incident and can notify affected events as applicable.”
“On account of the incident, the Firm’s operations inside this Enterprise Unit have been negatively impacted for a number of weeks whereas the affected programs have been recovered; nonetheless, the Firm believes that it has successfully contained the menace and that none of its different companies was affected by the menace, and the Enterprise Unit is now working at virtually full capability.”
The corporate says it doesn’t imagine the incident can have any materials impression on its funds or operations for the rest of the fiscal yr. LKQ says they’ll ask their cyber insurance coverage firm to reimburse them for the prices and bills arising from the cyber assault.
LKQ advises that its containment measures have brought about some disruption to the affected enterprise for a number of weeks, however it has since restored operations.
No ransomware gang or different menace actors have claimed duty for the assault.
