Arnold Clark Data Breach Updates

Confirmed Arnold Clark Cyber Attack leaks Customers’ private information on the Dark Web

Arnold Clark suffered cyber attack which has crippled the business since Christmas Eve.

Our CEO, Joe Burns has now discovered that leaked personal information has been published onto the dark web by hacker collective ‘Play’.

Arnold Clark Personal Data Leaked on Dark Web

Last Updated: 19/01/2023 09:47

One of the UKs biggest car dealers, Arnold Clark, has suffered a major data breach. Despite a statement by the company which suggests that the disruption caused over the Christmas and New Year period was a precautionary measure.

However, our Cyber Security team have today discovered that customers’ personal data and much more information has been published on the dark web.

The hacker group named ‘Play’ have taken responsibility for the hack and made a small sample of data available for download from the 467 GB they claim to have stolen.

They have threatened to publish the full data “If there [is] no reaction”. This would suggest the group have made contact with Arnold Clark and demanded a Ransom payment.

Our Cyber Security team have now been in contact with cyber police forces with information to help in their investigations.

We have also approached the Information Commissioner’s Office to enquire whether this breach has been reported and was informed that there were no active cases listed. We have also asked Arnold Clark via twitter to confirm if the cyber attack and data breach had been reported. We have not received a response as yet. 

Have Arnold Clark had Cyber Attack?

Arnold Clark confirmed that there had been a cyber security incident on 23rd December 2022 and that as a result they took down their network and systems as a precaution.

They posted on twitter on 27th December with their first public announcement of any issue, saying:

To our customers, please accept our apologies; we’re experiencing technical issues affecting our systems and, intermittently, our telephones. Please bear with us as we try to fix these problems. In the meantime, please DM us or email us at [email protected]


Our CEO, Joe Burns asked on Twitter for a verification of the cyber attack to which they responded:

Hi Joe. Suspicious network traffic was detected, and we closed all our systems, to protect our customers and ourselves. We are now investigating and reenabling our network and systems in a safe, secure and phased manner.

Finally on 3rd January 2023, 11 days after the initial incident, Arnold Clark made a statement.

Late on the evening of 23rd December, the Group was notified by our external cyber security consultants of suspicious traffic on our network. Once we confirmed this internally with our own Cyber team, we made the decision to bring down our network voluntarily as a purely protective measure, which has resulted in us cutting connectivity to the internet, our dealerships and our third-party connections.


Our priority has been to protect our customers’ data, our systems and our third-party partners. While this has been acheived, this action has caused temporary disruption to our business and unfortunately our customers.


Our external security partners have now been performing an extensive review of our whole IT network and infrastructure, which is a mammoth task, and they are providing guidance to our IT team on the re-enabling of our network and systems in a safe, secure and phased manner.


Our showrooms and branches are open and will be able to assist our customers using our temporary systems until we have been able to restore our full systems safely. We expect to resume customer vehicle collections later this week and our branches are contacting customers to arrange this.


Once again, we would like to thank our customers for their understanding and to apologise for any inconvenience this has caused.

Arnold Clark Customer Data Found on the Dark Web

Despite their statement after Christmas saying that Arnold Clark took down their systems as a precaution because they detected suspicious activity and that no customer data had been stolen, data belonging to the car retailer has been seen on the dark web.

The comment from this leak reads: Private and personal data, passports, IDs, confidential contracts, agreements, leasing contracts, finance information and many others. For now partially published compressed 15gb, If there no reaction full dump will be uploaded. Each of the archives can be used independently.’

This data breach serves as an important reminder of the need for companies to prioritise cybersecurity. In an age where digital data is increasingly valuable, it is essential that companies take the necessary steps to protect their customers data.

Worried about your business getting hacked?

If you would like to see how you could improve your Cyber Security, take our short, 12 question quiz:

5.0 95 reviews

  • Avatar Richard W. ★★★★★ 4 months ago
    We've only been using Reformed IT since the start of this year but we've had a great service from them. The service desk quickly resolve any issues & Joe & Scott have … More been very proactive in increasing our IT security & offering advice on how best to configure our systems & equipment. Can't recommend them highly enough!
  • Avatar Samuel H. ★★★★★ 5 months ago
    Reformed IT are absolutely fantastic. They consistently go above and beyond to help no matter what issue I present them with.
    It is refreshing to have a provider that not only knows
    … More their stuff but is responsive and look to build a relationship with their client to provide a 'total package' experience.
  • Avatar Boneham T. ★★★★★ 4 months ago
    Reformed IT are a refreshing and innovative managed IT provider. They have been hands down the most proactive and responsive IT support company we have worked with. If you take your … More IT, cyber security and networked systems seriously, ensuring continuity, resilience and a high level of response and support, then we can honestly recommend the Reformed IT approach.
  • Avatar Karolina D. ★★★★★ 4 months ago
    Reformed IT always provides excellent technical support. I've always found them to be reliable and effective IT support specialists. You can reach out to them for any technical … More or non technical issues, they would have an answer for everything or will get it for you in no time. I can't recommend them highly enough.