Enjoying what you’re reading? Sign up now.


Why Cybercriminals Target Dealerships

encrypted computer code
Article Highlights:

  • Dealerships offer a trove of data for cybercriminals to go after.
  • You’d be surprised who cybercriminals are.

Dealerships are prime targets for cyber attacks and many auto dealers fail to realize the gravity of this truth. Some consider cybersecurity as just another expense. However, cybersecurity is a critical business practice that will only become more vital for dealerships as cyber attacks become more common and more complex.

Cybercrime has evolved so much over the years and cybercriminals are no longer just some hacker in a dark basement who works alone to break into systems and networks. Many cybercrimes are carried out through organized groups of well-funded, full-time criminals who work together to completely overtake an organization’s network.

Why do cybercriminals target auto dealerships?

Think about all the data that’s collected and stored at your dealership. You have names, addresses, phone numbers, and email addresses all in your CRM. You’ve got bank information and social security numbers collected in F&I. Employees’ usernames and passwords are stored within your system.

To put it simply, your day-to-day operations require that you store private information for thousands (if not tens of thousands) of customers and employees. Dealerships have what cybercriminals are looking for: 1) tons of private information and 2) IT systems/policies that tend to be outdated or not a top priority.

What do cybercriminals want?

Like most criminals, cybercriminals are motivated by money and have several ways of getting it from dealerships.

These criminals can steal your customer and employee data and sell it on the dark web. Personal data is highly valuable. There’s no end to what someone can do with your private information; they can make purchases with your money, use your social security number to receive free medical care, and much more. If a cybercriminal can get access to enough sellable data, they can make thousands, or even millions, on the dark web.

Another common way for them to get money is through wire fraud. Frequently, this occurs through sophisticated phishing emails. For example, the cybercriminal poses as an executive and sends someone in the accounting office an email containing a wire request. To the accounting person, the email looks legitimate, so they comply and wire the money.

Ransomware attacks are another common way cybercriminals can use your business to make money. This highly damaging attack encrypts the data on a computer or network with a password set by the attacker. The attacker then offers to unlock the data if the dealership pays the ransom and will often threaten to leak the data and notify customers if payment isn’t received (further increasing the pressure on the business to pay the ransom).

How to stay out of the line of fire.

Just because auto dealers are prime targets for cybercriminals doesn’t mean your dealership has to become their next victim. Being proactive with cybersecurity saves time, money, resources, and your reputation. To ensure you’re as protected as possible, you’ll want a trusted team of experts on board: people who are professionally trained in automotive cybersecurity, can monitor your systems 24/7/365, and provide comprehensive cybersecurity systems and trainings.

Remember, just because it hasn’t happened yet doesn’t mean it won’t.

Share this Article

Vice President of Data Strategy

Will started his career at Reynolds in 2000, and he has held various positions from website support specialist to business development management, and multiple roles on our Data Services team. As Vice President of Data Strategy, Will understands that data will power the foreseeable future, and he continues to provide a clear and concise data strategy for the company. As Chief Privacy Officer, he helps Reynolds be effective stewards of that data and helps Reynolds earn and maintain our dealers’ trust and the trust of their consumers.

Related Articles:

Who is your cyber nemesis?

It seems like every week there’s a new foe to your cybersecurity. In 2023, over 72 percent of businesses worldwide were affected by ransomware attacks.

What an Effective Cyber Team Looks Like

Having an effective cyber team in place makes all the difference in whether your dealership falls victim to a cyberattack, but what does this kind

Cybersecurity: Then and Now

While the first computer went online in 1945, the first recorded cyberattack wasn’t until 1970. And the word cybersecurity wasn’t even added to the dictionary

Digital padlock

The FTC Safeguards Rule Amendments + You + Reynolds… What You Need to…

Update: The FTC announced an extension of six months to the amendments of the Safeguards Rule. The amendments will not take effect until June 9,