Legal help for data breach compensation claims

“Millions of car dealership information spread on the web” – DealerBuilt’s “shoddy” system has reportedly caused a massive data breach

Start Your Claim Today!

Your privacy is extremely important to us. Read how we handle your data in our Privacy Policy

While data breaches are at an all-time high in the U.K., the U.S. are facing the same security crisis with huge data breaches happening all the time as well. A recent report showed that customers’ personal details from hundreds of car dealerships were put at risk due to an inadequate database.

DealerBuilt is a specialised Dealer Management System (DMS) which allows dealers to manage every aspect of a dealership, and they boast a “secure integration”, which is somewhat ironic given the breach…

A “shoddy” system

Researchers recently found that 128 dealership systems were backing up their information and systems onto the DealerBuilt central systems. What is described as a ‘shoddy security system’, the DealerBuilt’s centralised system were reportedly backing up data without encryption or security. Not only does unencrypted data offer a huge business risk, but it allows hackers to see what is being backed up. Not encrypting data is likened to driving a brand new Ferrari without insurance. You may drive it as safely as you wish, but it doesn’t protect you from the actions of other drivers. So, driving any vehicle (without insurance) puts you at the same financial risk as not encrypting your data. It’s not just the financial penalty that you have to think about, but the wasted time rectifying the solution.

Customer and employee personal information

The database was found on Shodan, a search engine for open and unsecured databases connected to the internet. The database importantly includes payroll data (which may include sensitive information like bank details), customer names, and addresses. It’s not just customer details that they have failed to protect securely – the database also stored information like the social security numbers of customers and the employees who are employed by the dealerships. This arguably puts these individuals at a higher risk of identity theft. Cyber-hackers can use sensitive information to commit financial fraud or filing for false tax returns.

Millions affected

As the researchers detail 128 dealership systems, it’s likely that the individuals affected would be in the millions (estimated five million). However, there are no exact numbers as of yet.

Importance of a secure database

This data breach highlights the importance of a secure database when storing personal details and sensitive information. It’s arguable that dealerships should have done more to secure their databases rather than afford all the responsibility to a third party contractor, like DealerBuilt. It seems as if many of the dealerships were not even aware of DealerBuilt’s security procedures, as their website reportedly fails to detail how the company handles data security.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

First published by Author on January 09, 2017
Posted in the following categories: Hacking News and tagged with

1.2 million KFC customers warned of data breach
“Unsolicited marketing calls have landed a legal firm a £30,000 fine” – Assist Law Ltd used private information solely to make unsolicited marketing calls