Arnold Clark’s recovery from a Christmas cyber attack has been described as a “mammoth task” after the car retail giant was forced to axe internet access to protect its customer data.

A spokesperson for the AM100 car retail group told AM this morning (January 3) that the business has yet to re-establish connectivity to the internet, dealerships and third-parties after an enforced systems shut-down prompted by the attack by hackers late on December 23.

The group said that the swift action had been successful in protecting “customers’ data, our systems and our third-party partners”, but it continues to battle IT issues more than 10 days on.

Its spokesperson also refuted reports that it had brought its head of IT back from a family holiday in Italy to deal with the issue, or that it had sacked its previous head of IT following a similar breach 12 months earlier, branding both “untrue”.

In a statement issued to AM, Arnold Clark revealed that its external cyber security consultants had notified the business of “suspicious traffic on our network” late on December 23.

Once this had been confirmed by Arnold Clark’s own cyber team the decision was made to “bring down our network voluntarily as a purely protective measure”, it said, adding: “Our priority has been to protect our customers’ data, our systems and our third-party partners.

“While this has been achieved, this action has caused temporary disruption to our business and unfortunately our customers.”

Commenting on the work required to get its systems safely back up and running, Arnold Clark said: “Our external security partners have now been performing an extensive review of our whole IT network and infrastructure, which is a mammoth task, and they are providing guidance to our IT team on the re-enabling of our network and systems in a safe, secure and phased manner.

“Our showrooms and branches are open and will be able to assist our customers using our temporary systems until we have been able to restore our full systems safely.”

Due to the disruption to its IT systems, Arnold Clark was unable to complete handovers of vehicles sold to customers before Christmas.

Today’s statement confirmed that the business expects to resume customer vehicle collections later this week. 

It added: “Once again, we would like to thank our customers for their understanding and to apologise for any inconvenience this has caused.”

Arnold Clark is the latest car retail group to fall foul of a cyber attack.

In October AM reported that Pendragon had become motor retail's latest victim, who have reportedly issued a $60 million (£53m) ransom demand to the major AM100 dealer group.

That attack came just two months after Holdcroft Motor Group saw some of its core systems "damaged beyond repair" by a cyber attack.

In March last year iVendi outlined 10 ways car retail businesses could mitigate against online security risks.