A cyberattack has impacted a prominent Australian motorcycle distributor, MotorCycle Holdings, leading to a data breach on its websites, Sherco and Lambretta. The breach occurred due to unauthorized access to a web server hosted by a third-party vendor, resulting in the insertion of malicious code into the websites. This breach potentially exposed customer personal information, including names, addresses, email addresses, and phone numbers, as well as data from web form responses stored on the server.
MotorCycle Holdings has taken steps to address the breach, emphasizing that its internal systems remain secure and unaffected. The company is actively notifying affected customers individually, reassuring those not contacted that their details were not accessed in the breach. While the breach has not impacted the company’s ongoing operations, MotorCycle Holdings continues to investigate the incident and remains vigilant in its response to the event.
Despite the breach, the company has not identified any compromise of other platforms beyond the affected third-party vendor. However, the motivations behind the attack and the identity of the threat actor remain unclear. MotorCycle Holdings pledges to keep its customers, shareholders, and stakeholders updated as the investigation progresses and further details emerge.
