UK car repair specialist Kwik Fit has suffered a serious cyber-attack that has brought down its computer systems for over a week.
The attack first came to light when customers were complaining on social media that they were unable to book appointments through the company’s online booking service.
Kwik Fit initially told customers that their IT systems had gone offline on Saturday due to technical difficulties, but that the issue was being resolved.
The company has since confirmed that its systems were infected with malware and that they’re in the process of conducting a full investigation. A spokesperson told the BBC: “We first experienced some issues with a virus in our IT network during the weekend. This affected a number of our systems but in the interest of ongoing security we can’t confirm the source of the problem.
“We have been working to get our operational systems back up and running normally and while there is still some disruption, our centres are open as usual.”
“We can reassure customers that we do not store any of their financial information and currently have no reason to believe that any customer data was compromised.”
Malware is fast becoming one of the biggest online threats and it’s been used in some of the world’s largest cyber-attacks including the 2017 WannaCry attack that affected more than 200,000 victims in 150 countries.
It’s typically installed on a computer when a user clicks on a link, downloads a malicious attachment or opens a rogue software programme. Once installed, attackers can use the malware to lock down systems, spy on online activities and steal personal and financial information.
Robert O’Brien, CEO of Cyber Security firm MetaCompliance believes the attack will have damaged consumer trust in the organisation and the loss of bookings will have directly impacted the company’s bottom line.
“The Kwik Fit attack highlights the far-reaching consequences that a cyber-attack can have on a business. If organisations want to protect themselves from data breaches, fines and damage to reputation, they’ve got to become proactive in their approach to Cyber Security and look at the areas of their business that need strengthened and protected the most.”