Automotive supplier LKQ victim of a cyber attack

[German]Brief information for readers who may have a business relationship with the supplier of vehicle parts, LKQ. The US supplier also has European subsidiaries. I have just received information that LKQ has been the victim of a cyber attack in a Canadian division. This is according to a notification to the US SEC.

Who is LKQ?

LKQ Corporation ("Like, Kind and Quality") is an American supplier of alternative and specialty parts for the repair and accessories of automobiles and other vehicles. LKQ has operations in North America, Europe and Taiwan. LKQ distributes replacement systems, components, equipment and parts for the repair and accessories of cars, trucks, recreational and sport utility vehicles.

The company is represented at a total of 1,684 locations in Europe and North America. The LKQ Group includes Euro Car Parts, Fource, the RHIAG Group, Elit, Auto Kelly, the STAHLGRUBER Group and the recycling specialist Atracco. LKQ also holds a minority stake in the Mekonomen Group.

Information on the cyberattack

According to the SecurityWeek article Major Auto Parts Firm LKQ Hit by Cyberattack, the supplier has informed the US Securities and Exchange Commission (SEC) about the cyber incident.

The company discovered unauthorized access to the information technology (IT) systems of a single business unit in Canada on November 13, 2024. Steps were immediately taken to contain and recover from the incident. This included activating the security incident response and recovery plans created for this purpose.

At the same time, external forensic investigators were involved in initiating measures to contain the attack for the affected systems and the law enforcement authorities were informed. Currently, the specialists appear to be analyzing the data affected by the incident. The company intends to notify the affected parties accordingly.

As a result of the incident, the company's operations in this business unit were impacted for several weeks while the affected systems were restored. LKQ believes that it has effectively contained the threat and that none of its other business units were affected by the threat, and the affected business unit is now operating at near full capacity, the statement said.