CDK cyber issue

Cobra Jet · Jun 21, 2024

In the event some aren’t aware, CDK had a cyber event where it affected 15,000 Car Dealerships across the US and Canada…
https://www.cnn.com/2024/06/21/business/cdk-global-car-dealership-outage/index.html

The question is - has everyone’s data been compromised?

At what point will people’s personal data be secure? Meaning how many hacks does it take to get these Corps. to invest in or be current with security on servers, software packages, access levels, etc?

It’s getting a little ridiculous with all the security breaches and hacks lately…

mavisky · Jun 21, 2024

I work in this space on the cyber insurance side and the short answer is that there's no 100% secure system and 8 out of 10 times the point of attack isn't a network, but rather the person behind the desk who clicks an attachment from an e-mail they don't recognize as being a fraudulent e-mail and downloading a trojan horse that lets the hacker in.

The latest report I was reading stated that some of these hackers are actually in these network for up to 240 days before launching their attack scraping information and looking for further vulnerabilities.

https://www.beazley.com/en-US/cyber...defences-with-managed-detection-and-response/

sk47 · Jun 21, 2024

Hello; Found out recently I was included in the AT&T data breach. I am using an Experian Identity works aid for a year at AT&T's expense. So far all is good. Seems my phone numbers were found on the dark web but no critical data other than what AT&T had when I last changed my address 14 years ago. My cell in a simple trac-fone and although internet capable I have not turned that part on.
My question(s) are about how to protect myself individually. I do not use a credit card online. I do not keep banking records on my computer. I do not use a smart phone. I generally do not open e-mails from unknown places and often from known businesses. If i get an e-mail from a business I tend to call to see what is going on.

I avoid giving out my SS #. Makes doing a car deal less in my favor as I do not finance.

mavisky said:
work in this space on the cyber insurance side and the short answer is that there's no 100% secure system

This has been my take for some time. I recently switched to a fiber optic service thru my local county power company in association with a neighboring power company. I had been with the power company 14 years at the time. After they ran the fiber cable to the house I was to call and arrange for a tech to set up the box inside the house. The agent for the neighboring power company insisted on my giving out my SS#. I refused and called the local power company guy I had been working with. Basically, I reminded that had not missed a payment nor been late with one in 14 years. That if such was not sufficient to cancel the change over. He worked this out with the associated power company.

Guess my questions are these decent precautions and are there other steps to take. The not using a credit card online presents problems. Makes some purchases a pain.

The Demon · Jun 21, 2024

sk47 said:
Hello; Found out recently I was included in the AT&T data breach. I am using an Experian Identity works aid for a year at AT&T's expense. So far all is good.

I was also part of that breach and I haven't signed up yet. I am hesitant to give them any information that can be hacked again.

What info did they ask you to provide when you signed up?

mavisky · Jun 21, 2024

The Demon said:
I was also part of that breach and I haven't signed up yet. I am hesitant to give them any information that can be hacked again.

What info did they ask you to provide when you signed up?

I was part of it as well. The credit monitoring is provided by a third party service and is a standard offering as part of any cyber claim where personally identifiable information may have been leaked.

I also froze my credit with all 3 credit bureaus as well just to be safe.

The Demon · Jun 21, 2024

mavisky said:
I was part of it as well. The credit monitoring is provided by a third party service and is a standard offering as part of any cyber claim where personally identifiable information may have been leaked.

I also froze my credit with all 3 credit bureaus as well just to be safe.

I'm assuming that to monitor you they are going to need addresses, SS#, etc.

mavisky · Jun 21, 2024

The Demon said:
I'm assuming that to monitor you they are going to need addresses, SS#, etc.

Well it's hard to know what they're monitoring if you don't tell them.

sk47 · Jun 21, 2024

The Demon said:
I was also part of that breach and I haven't signed up yet. I am hesitant to give them any information that can be hacked again.

What info did they ask you to provide when you signed up?

Hello; Afraid it is a catch 22 sort of thing. They do insist on some levels of personal information including SS # if I recall correctly. I tried to not give it but the logic appears to be they need some info to do the monitoring.
I figured such info may be part of what was lost so likely that info is already out there. I share your concerns about maybe being hacked again.

sk47 · Jun 21, 2024

mavisky said:
I also froze my credit with all 3 credit bureaus as well just to be safe.

Hello; I considered this as well. Did you do online or on the phone?

The Demon · Jun 21, 2024

mavisky said:
I also froze my credit with all 3 credit bureaus as well just to be safe.

I also did this as soon as I got the email. That’s why I didn’t do the identity works right away. I did do it this afternoon but only giving them the minimum. Shocking to see how much of your stuff is in the dark web.

mavisky · Jun 21, 2024

sk47 said:
Hello; I considered this as well. Did you do online or on the phone?

Online

CDK cyber issue

Cobra Jet

Well-Known Member

mavisky

Well-Known Member

sk47

Well-Known Member

The Demon

Well-Known Member

mavisky

Well-Known Member

The Demon

Well-Known Member

mavisky

Well-Known Member

sk47

Well-Known Member

sk47

Well-Known Member

The Demon

Well-Known Member

mavisky

Well-Known Member

Similar threads