Autovista confirms that it called in outside support to help clean up a ransomware infection currently affecting systems in Europe and Australia.
The automotive data and analytics biz issued a public statement on Wednesday confirming the incident, and said that it's working to contain the attack.
London-headquartered Autovista offers a broad suite of applications to customers, all built around its data offerings, and it's these applications that are experiencing disruptions, it said.
These include applications that help automotive companies monitor residual values of their assets and trends that affect them, and data-driven total cost of ownership (TCO) tools.
Its services are marketed to manufacturers and dealers, body shops, insurers, telematics companies, professional services outfits, and more.
"We know that getting this resolved quickly is important to you," the company said in an update. "Our top priority is to securely restore impacted applications, although we do not have a firm timeline on this yet.
"We will keep our customers informed, to the extent our investigation uncovers additional relevant information. We will also provide an update on timing when we have that information."
Autovista said that, given the early-stage nature of the attack, it was not aware of how the criminals were able to breach its systems, but third-party experts are working to understand the root cause.
Customers are being advised to monitor the company's website for further updates, since their usual contacts might be unreachable because email access has been pulled for some staff.
In its advisory, Autovista provided an email address belonging to the wider Autovista Group to customers who urgently need to contact the company directly.
Autovista's website remains online.
JD Power acquired Autovista Group in 2024, whose brands include Eurotax, Glass's, Rødboka, and Schwacke, which provide similar vehicle valuation, specification, and repair-data services in different markets. All the brands' homepages have links to the same security advisory hosted on Autovista's website.
No established ransomware group has yet claimed responsibility for the attack on the company.
Anonymous sources have told The Register that their organizations advised staff to block emails from all Autovista Group companies, sanitize any files to remove links, and delete any executables associated with them. ®
Source: The register