Cybersecurity and Data Theft

Data theft-It’s not just for medical facilities

By Charles Parker, II

There’s been volumes written about data theft in medical facilities, methods, and effects. This is no wonder given the mountain of data created daily from the patient care and operations.

Another viable target would be auto dealerships. These dealerships hold much the same data that hospitals would generally. When a person purchases their vehicle, as a course of the process, they provide their name, address, data of birth, SSN, financial information, and other data. The hospital or medical care facility collects much the same, with additional data for the patient care.

In this case an automotive dealership was compromised. On or about May 27, 2023, the Jeff Wyler Automotive Family an unauthorized party compromised their perimeter security and was able to access the consumer information (e.g., name, date of birth, SSN, driver’s license or state ID #, medical information, health insurance information, and financial information). This was detected on January 29, 2024.

The method of attack unfortunately was not detailed. Anytime this event occurs, there’s something to learn and use to build up your defenses. This experience does highlight the need for regular cybersecurity assessments. This, depending on the environment and budget, may consist of vulnerability scans, per tests, and threat feeds for your equipment. This also includes working on the vulnerabilities to remove these and secure your system.

About the Author-

Charles Parker II has been working in the info sec field for over a decade, in the banking, medical, automotive, and staffing industries. Charles has matriculated and attained the MBA, MSA, JD, LLM, and is in the final stage of the PhD in Information Assurance and Security (ABD) from Capella University. Mr. Parker’s areas of interest include cryptography, AV, and SCADA.