Consumers whose information was pilfered likely never knew that they had a digital relationship with this particular vendor for VW Group of America. They would have reasonably assumed that their electronic interactions were with their local dealer, or perhaps with the brand or the automaker itself.
Similarly, if any consumers suffer a loss because of this breach, it’s unlikely that they will direct their ire at the vendor that collected their information and then failed to secure it.
Properly protecting customer information has always been a necessary job at dealerships. As file rooms have given way to server farms, there must be more than a lock on the door to keep information secure — and that requires additional attention to detail.
Dealers must educate themselves to the online threats their businesses now face daily, and prepare their defenses with no less attention than they pay to their cash flow or inventory.
During the Cold War, “trust, but verify” became an operational mantra for how to live with existential threats. It’s also a good one for anyone trying to keep customer data safe from cyberattacks.