agent Entrepreneur logo
MenuMENU
SearchSEARCH

Helion Issues Dealer Data Security Guidance

TIMONIUM, Md. — IT managed services provider Helion Automotive Technologies has issued proactive security recommendations for auto dealers who may be at risk of customer data breaches. The recommendations come on the heels of an incident that occurred last month and was widely reported in news outlets. In February, a disgruntled employee with a CRM vendor circulated ... Read More »

March 16, 2017
4 min to read


TIMONIUM, Md. — IT managed services provider Helion Automotive Technologies has issued proactive security recommendations for auto dealers who may be at risk of customer data breaches. The recommendations come on the heels of an incident that occurred last month and was widely reported in news outlets.

In February, a disgruntled employee with a CRM vendor circulated an email that appeared to be from hackers threatening to release sensitive information from millions of customer records. The data was purportedly taken from several dealerships’ dealer management systems (DMS). The CRM vendor quickly identified the employee, determined that no security breach had occurred, and that the data the employee had in her possession was benign.

Ad Loading...

“These dealers were lucky, because if this hoax had turned out to be true, they would be legally liable and could be on the hook for millions of dollars,” said Erik Nachbahr, Helion’s founder and president and an Auto Dealer Today contributor. “What this incident illustrates is how most dealerships do not understand the serious consequences related to a data breach of this nature and how ill-prepared they are to respond.”

If a hacker gains access to sensitive data in customer records, such as Social Security numbers and birth dates, the cost to a dealership could be in the millions. That figure is based on an average cost of $30 per customer record breached.

Even if a dealership’s CRM or DMS vendor is responsible for the breach of a dealership’s customer records, the dealership is legally liable for all resulting costs, which may include:

  • Local and federal law enforcement investigations

  • Computer forensic investigations

  • Business interruptions, including orders to close the dealership until the source and impact of the breach is assessed

  • Customer notifications and free credit monitoring for customers

  • Crisis management and public relations

  • Customer and class-action lawsuits

  • FTC action for noncompliance with the Gramm-Leach-Bliley Act and software copyright laws

Fortunately for dealers, Nachbahr said, these consequences can be greatly mitigated by creating a security plan that includes a response to customer data breach occurrences.

Ad Loading...

His first recommendation is that dealers should assign a point person in the dealership who will coordinate a planned response. The designee is typically a high-level financial executive, which in a dealership may be the CFO, controller or chief compliance officer.

The designee should have a written response plan that addresses each of the consequences listed in the bullet points above. The designee should also have a list of parties and contact information at the ready in the event of a security breach. Parties that need to be notified immediately include local law enforcement, the dealership’s attorney, cyberliability insurance provider and public relations/crisis management representative.

The customer data breach response plan should also include a protocol for notifying customers that their data has been breached, which is a legal requirement. Many states also have a legal requirement that will require dealers to pay for one or two years of free credit monitoring for the affected customers.

Nachbahr recommends that any dealer who does not have cyberliability insurance should get some immediately. The typical insurance policies that dealerships carry, such as property, liability and casualty insurance, do not cover costs related to data breaches.

Finally, dealers who don’t have a crisis management plan in place, Nachbahr recommends they create one. Costs related to litigation and compliance violations can be greatly alleviated if the dealership responds publicly, immediately and in an appropriate manner.

Ad Loading...

Nachbahr further noted that the likelihood that a given dealership will experience a customer data breach is high. In the last 12 months, 71% of small to mid-size businesses reported a security breach, according to a July 2016 report titled IT Security at Small to Mid-Size Businesses (SMBs): 2016 Benchmark Survey. Companies with fewer than 500 employees proved the most vulnerable with a 75% breach rate.

“Dealers need to realize this is an imminent threat, and that it’s not if, but when this will happen,” he said. “Having a security plan in place is pretty much expected for every business in every industry these days, but, unfortunately, we find that many dealerships don’t think about it until it’s too late.”

Topics:Industry

More Industry

Foreign Cars Italia dealership store in front of sunset
Industryby Hannah MitchellJuly 2, 2026

Luxe N.C. Dealerships Change Hands

A collection of Italian and English brand franchises were handed off to the owner’s friend in the business and include the Carolinas’ only Ferrari retail stores.

Read More →
inside of car, person with hands on black steering wheel
Industryby Lauren LawrenceJuly 2, 2026

Exposure Drives Interest in Chinese Cars

At a recent demonstration, consumers had the chance to ride in a Chinese-branded vehicle, a firsthand experience that improved their perceptions and purchase intent.

Read More →
Woman's hands holding an wallet empty of cash
Industryby Hannah MitchellJuly 1, 2026

Automotive Consumers Sink Further in Debt

Most financing metrics hit records in the second quarter as more buyers locked themselves into long terms and high monthly payments.

Read More →
Ad Loading...
Rob Mancuso sitting in a chair on stage
Industryby Hannah MitchellJuly 1, 2026

Agent Advocate

Rob Mancuso, who comes from a long line of auto dealers, values general agents’ place in the industry and makes a case for them taking an even bigger seat at the table.

Read More →
Photo of a touchscreen on a car's dashboard
Industryby Hannah MitchellJune 25, 2026

Driving Under Distraction

Though consumers gave higher marks to new vehicles in JD Power’s most recent initial-quality poll, high-tech interference worsened, pointing to craving for simplicity.

Read More →
split background green and blue. 2019 to 2025 with car going from starting location to end point. $37,310 and $48,402. Agent Entrepreneur logo
Industryby Lauren LawrenceJune 25, 2026

Affordable New Cars a Thing of the Past

More than one out of five new vehicles sell for more than $60,000, according to Edmunds. That's up 7% compared to prepandemic 2019.

Read More →
Ad Loading...
Photo of multiple new SUVs on a car dealership lot
Industryby Hannah MitchellJune 22, 2026

State Follows Federal Warning on Auto Ads

The Massachusetts attorney general cautioned the state’s automotive dealers to be upfront with the consuming public about their vehicle prices or risk punishment.

Read More →
Gas pumps.
Industryby Lauren LawrenceJune 15, 2026

Consumer Outlook on the Rise

Younger generations are feeling more positive about their financial futures and current affordability pressures than older generations, according to recent TransUnion data.

Read More →
Group photo of men outside storefront.
Industryby Hannah MitchellMay 28, 2026

Pennsylvania Dealership Under New Retailers

The sale of the Chrysler Dodge Jeep Ram store puts a family auto group on a leaner path as first-time dealers take the helm.

Read More →
Ad Loading...
Hallway with lockered wiring and computer
Industryby Lauren LawrenceMay 28, 2026

Battery Storage Takes Priority Over EVs

U.S. automakers are prioritizing battery energy stationary storage over electric-vehicle production as the consumer demand for EVs lags the rest of the world.

Read More →
Ad Loading...