Zack Whittaker reports:
If you bought a car in the last few years, there’s a good chance your personal information may have found its way to the open internet.
Names, addresses, phone numbers and social security numbers for both customers and employees for over a hundred car dealerships have leaked online, all thanks to a centralized records system coupled with shoddy security.
The system, built and operated by DealerBuilt, an Iowa-based database software company, sells management systems for car dealerships across the US, offering a central system for sales, customer relations, and employee payroll needs.
Last week, MacKeeper security researchers found 128 dealership systems, known as LightYear machines, were backing up to DealerBuilt’s central systems without any encryption or security, allowing anyone to see what was being backed up.
Read more on ZDNet.
“Adam Brown, chief technology officer at DealerBuilt declined to comment when reached by phone on Monday, and could not be reached Tuesday.” Yeah, I think he’s at the enrollment office a local culinary school.