Over 80% of consumers would not buy a car from dealer with data breach

(June 20, 2016)  NEW YORK — Total Dealer Compliance (TDC), a car dealership compliance-auditing firm, today announced key findings from its second car dealership survey which targeted both consumers and car dealers. Among the survey’s key findings are results indicating that nearly 84% of consumers would not buy another car from a dealership after their data had been compromised, while only 30% of dealers employ a network engineer with Computer Security certifications/training.

“As car dealerships continue to be a real target for cyber criminals, with fewer data-protection measures in place than most other industries, we set out to discover the effect this is having on a car dealership’s bottom line,” said Max Zanan, president of TDC. “Our report discovered that more than 70% of dealers are not up to date on their anti-virus software, and nearly a third of consumers lack confidence that their personal data is secure when purchasing a vehicle.”

Highlights from the dealer survey include:

• Nearly 85% have a contract with a 3rd party vendor to handle more complex IT work

• Only 30% of dealers employ a network engineer with Computer Security certifications/training

• Only 25% hired a 3rd party vendor to try to hack into their networks to test their vulnerability

• More than 80% employ an IT engineer to handle basic day-to-day work

• More than 70% of dealers are not up to date on their anti-virus software

Highlights from the consumer survey include:

• Nearly 33% of consumers are not confident in the security of their personal and financial data when making a purchase at a car dealership

• Just under 84% of consumers will not go back to buy another car from a dealership after their data has been compromised

Dealerships should regularly conduct IT vulnerability scans, Windows security checks, provide online courses on networking, as well as implement a solid computer security policy, according to TDC. TDC conducts vulnerability scans by using independent “White Hat” hackers to discover a dealership's cyber vulnerabilities and based on those vulnerabilities discovered, create policy.

“Car dealerships need to put procedures in place to help prevent cyber security attacks. We help dealers focus on social engineering and how not to fall victim to hacking,” continued Zanan. “As ever, our report turns a spotlight on the hot topic of data security, revealing the necessity of having strict policies and procedures in place that are being adhered to by all employees to ensure consumer confidence and loyalty.”