Braman dealerships affected by cyberattack, report says

Braman Dealerships in Florida has experienced a system outage that has affected operations, one that may be linked to a ransomware incident, according to a local news report.

“We recently experienced a network outage which is currently impacting our operations,” David Leibowitz, secretary and general counsel for Braman Management Association, which includes the dealerships, said in an emailed statement to Automotive News on Friday evening. “We are working diligently to restore systems at our dealerships as quickly and as safely as possible. Our investigation into this matter is ongoing.”

The Miami dealership group has not confirmed whether the outage is connected to a cyberattack. The group also did not respond to additional questions about when the outage began, whether it affected the entire group or selected stores or whether customer data was affected.

Braman Dealerships is ranked No. 29 on Automotive News’ list of the top 150 dealership groups in the U.S., with 10 dealerships and 24,839 new vehicles sold in 2020.

Miami TV station WPLG, citing sources including an anonymous employee, reported that the outage was connected to a cyberattack, a notice of which appeared on computer screens.

“The whole system at Braman crashed and we got a ransom note from the hackers. They took the whole system out and they are asking for money,” the employee said, according to WPLG.

A spokesman for the FBI in Miami told Automotive News that the agency does not confirm or deny investigations into cyberattacks.

Ransomware incidents involve hackers who lock down computer systems in exchange for a ransom demand. Dealerships have been targets. In December 2019, Arrigo Automotive Group in West Palm Beach, Fla., was hit by a ransomware attack that brought down the group’s computer network.

The FBI and cybersecurity experts say dealerships and other organizations can prevent such incidents by upgrading information technology systems, ensuring system data is backed up and training employees to identify suspicious emails, including conducting phishing tests.