TENS of thousands of motorists affected by a data breach at Scotland’s biggest car dealer are being contacted by consumer credit experts to warn them of their exposure to fraudsters.

Arnold Clark is advising customers about the dangers of online scams after their personal details – including copies of passports and national insurance numbers – were posted on the ‘dark web’.

Ransomware gang Play claimed responsibility for the web sting which hit the nationwide car dealer on December 23 and is ongoing.

The hackers released a 15 gigabyte tranche of customer data on their illicit site, which can only be accessed by specialist web tools. They are claiming to have stolen a total of 467 gigabytes and are threatening to release it unless Arnold Clark pays a ransom believed to be millions of pounds.

The firm has not said whether or not it intends to pay but it is working to establish how many customers have been affected.

It has set up a call centre with consumer credit firm Experian to help those affected by the hack. Staff will provide customers with advice about preventing identity theft and online fraud.

An Arnold Clark spokesman said: ‘Due to the type of cyber attack that we have been subjected to, it is extremely difficult to accurately identify what has been stolen. However, our teams are working with our external advisers to understand the exact nature and extent of that data.’ The cost of the disruption to Arnold Clark is not known, but it could run to millions of pounds.

It emerged this month that Lady Philomena Clark – widow of the firm’s founder Arnold Clark – was listed at No13 of the highest UK taxpayers, with an estimated tax bill of £92.7 million, following profits of £398.1 million in 2021, according to the Sunday Times Tax List.

The Scottish Mail on Sunday verified some of the data on the Play ‘dark web’ site. It contains customers’ names, dates of birth, addresses, email addresses, phone numbers, insurance certificates and copies of finance deals.

However, law enforcement action in the US last week offered a ray of hope for the car firm, which has 193 dealerships across the UK.

The FBI shut down the Hive ransomware gang which cybersecurity analysts have linked to Play.

Cybercrime expert Philip Ingram, an ex-colonel in British military intelligence, said: ‘Play and Hive are very similar in the techniques they use in their attack chains.’