Consumer Data Privacy Revolution is Underway - AutoSuccessOnline

Consumer Data Privacy Revolution is Underway

Data breaches are happening on an almost daily basis, exposing customer addresses, passwords, credit card numbers, social security numbers and other sensitive information.

Consumer privacy concerns are sweeping the nation and lawmakers are taking notice.

In the first six months of 2019, the number of data breaches has increased by 54% compared to the same time last year. As of July, more than 4.1 billion customer records have been exposed in approximately 3,800 publicly disclosed data breaches.

The business sector is responsible for 67% of reported breaches and 85% of exposed records. Data breaches are happening on an almost daily basis, exposing customer addresses, passwords, credit card numbers, social security numbers and other sensitive information.

Recent notable breaches include:

The City of Baltimore’s computer systems were infected in May with an aggressive ransomware called RobinHood. Although the city did not pay the ransomware, the resulting chaos has racked up more than $18 million in damages.

In late July, Capital One was hacked, exposing 100 million records including credit card applications. This is one of the largest data breaches in history with potentially devastating consequences.

Bulgaria’s National Revenue Agency was recently hacked, compromising the information of 5 million out of Bulgaria’s 7 million citizens. The hackers later sent a message to the Bulgarian media declaring “The state of your cyber security is a parody.” Imagine the consequences if this happened to your business.

According to one report, an unauthorized person accessed NASA’s Jet Propulsion Laboratory. The hacker went undetected for 10 months and acquired highly sensitive information from many critical and confidential projects.

Quest Diagnostics and LabCorp. These two clinical laboratories were both hacked in June, exposing a combined 19.6 million medical records and personal information. In fact, 2019 has been a horrible year for customer privacy in the medical industry, with breaches occurring on an almost weekly basis.

First American Financial was hacked in May, exposing 885 million sensitive records including bank account numbers, statements, mortgage information and tax records.

Facebook recently admitted that 600 million user passwords have been stored in plain text and could easily be accessed by its 20,000 employees. If you use Facebook, change your password.

Consumers Demand Protection

Many people still have an image of “hackers” as teenagers in basements, but this stereotype is inaccurate. The vast majority of today’s hackers are employed by large criminal or state-backed entities. These organizations use sophisticated strategies and systems to carry out cyberattacks worldwide. Although cybercriminals are located all around the world, most activity originates from Russia, China, North Korea and Brazil.

Understandably, consumers are increasingly fearful about the consequences of their personal information being stolen. Identity theft is a growing problem, with 33% of U.S. consumers reporting some form of credit card fraud or identity theft. In the next few years, experts estimate that cybercriminals will steal $6 trillion from U.S. consumers and businesses.

Once stolen, personal data is typically sold on the dark web to criminal organizations that are willing to pay from $10 to a few hundred dollars per identity. One successful data breach could net perpetrators millions of dollars. Because it’s so lucrative, cybertheft is a rapidly growing industry.

Cybercriminals use personal data to take over bank accounts, commit credit card, tax and mortgage fraud, steal identities and scam vulnerable consumers.

Across the U.S., growing consumer demands have motivated lawmakers to take action in order to drive businesses to be better prepared for cyberattacks. Although every state in the U.S. has a law that impacts how businesses must report data breaches, most experts agree these laws don’t do much to prevent data breaches in the first place.

To address this challenge, as of July 2019, 20 states have drafted or passed consumer privacy laws. The most notable example is the California Consumer Privacy Act (CCPA), which requires businesses to take “reasonable measures” to protect consumers’ personal and private information.

The CCPA applies to most auto dealerships in California. Dealerships store vast amounts of personal information from consumers, including names, phone numbers, email addresses, home addresses, credit card numbers, social security numbers and other financial information.

Dealerships Need to Take Action

The CCPA takes effect in January, 2020. Unfortunately, becoming compliant is not as simple as installing antivirus software and calling it a day. The California Attorney General has defined “reasonable measures” as 20 Controls issued by the Center for Internet Security (CIS).

To become compliant, California auto dealers will need to implement these 20 controls, which include appointing a security officer, creating a cybersecurity plan and providing security awareness training to employees. Depending on the state of the IT network, it may also include upgrading network equipment, computer hardware and software.

Although compliance will take time, money and effort, the CCPA is forcing a much-needed evolution in dealerships’ information technology (IT) practices.

The first steps to become CCPA compliant are:

  1. Understand where your current IT environment falls short of CIS 20 controls. Order a gap analysis, also known as a Risk & Vulnerability Assessment, from a recommended IT services provider.
  2. Create a prioritized remediation plan that fills gaps identified.
  3. Implement the plan. Seek help if you are shorthanded. The clock is ticking and time is of the essence.
  4. Maintain compliance with ongoing management. IT isn’t static and it’s easy to fall out of compliance if things aren’t routinely managed and monitored.

Compliance with the CCPA by the January deadline requires a sense of urgency and a detailed plan of action. If your dealership hasn’t yet taken steps to protect consumers’ personal information, you may be vulnerable to a data breach and subsequent lawsuits in 2020.

Erik Nachbahr

You May Also Like

How to Boost Appointment Conversions with Positive First Impressions

It’s crucial to equip your staff with effective phone handling strategies that can make a lasting impression and persuade callers to choose your dealership.

Your dealership only has seven seconds to make a positive first impression with potential buyers. Oftentimes, a first impression is made before your leads walk through your doors. Prospective buyers typically invest a significant amount of time conducting research and reaching out to different stores to determine where they’d like to purchase their vehicle. Therefore, it becomes crucial to equip your staff with effective phone handling strategies that can make a lasting impression and persuade callers to choose your dealership. By implementing these proven strategies, you can help your dealership stand out against the competition and greatly enhance customer experience.

Why Data Security Must Be a Priority in Today’s Automotive Retail Market

Dealers who gain a better understanding of data security and how data relates to industry trends will ultimately find themselves in a better position to achieve long-term goals.

The Digital Dilemma: How to Rethink Sales and Delivery to Drive a Successful Car Buying Future

By taking the right steps, traditional car dealers can still compete, win and flourish, even as digital sales become more prolific.

Revolutionizing Auto Service: How Digital Tools Are Transforming the Auto Dealership Landscape

Remote diagnostics, over-the-air updates, faster service appointments and less vehicle downtime all represent the emerging reality of remote automotive services.

147,348 Reasons Why Customer Experience & Dealership Loyalty Matter – The Power of a Point

That’s the annual average revenue increase a dealership can expect to realize by raising its customer satisfaction score by a single point.

Other Posts

Accelerate2Compliance Partners with Privacy4Cars for Suite of Vehicle Privacy Solutions

Comprehensive security solutions help protect personal data from cyber threats.

In a Fickle Market, How Do We Continue Winning Customers for Life?

It is imperative to ask the right questions to find out what motivates your customers. Getting to know the customer means getting to know their needs and that benefits everyone. 

Alarming Number of Dealers Are Still Not Ready for This Year’s Safeguards Rule — Here’s What to Know

The ruling oversees how financial institutions protect consumer data, and dealerships must implement changes to protect their consumer data.

Before You Make a Video…

Here are a few tips for creating value proposition, service special or test-drive videos. With a little planning you can quickly produce high-quality videos for your dealership.

taking video of car with phone