Auto Finance News
  • Home
  • News
  • Features
  • Events
    • Auto Finance Summit East
    • Equipment Finance Connect
    • Auto Finance Summit
    • PowerSports Finance Summit
  • Webinar
    • Harnessing AI & Machine Learning to Address Vehicle Affordability Issues
    • Webinar Library
  • Podcast
  • Powersports
  • Big Wheels Data

No products in the cart.

Subscribe
  • Capital & Funding
  • Compliance
  • Risk
  • Technology
  • Best Practices
  • Compliance Monitor
Log In
No Result
View All Result
Auto Finance News
  • Home
  • News
  • Features
  • Events
    • Auto Finance Summit East
    • Equipment Finance Connect
    • Auto Finance Summit
    • PowerSports Finance Summit
  • Webinar
    • Harnessing AI & Machine Learning to Address Vehicle Affordability Issues
    • Webinar Library
  • Podcast
  • Powersports
  • Big Wheels Data
BIG Wheels
Log In
No Result
View All Result
Auto Finance News
No Result
View All Result

What Capital One’s data breach means for auto finance

Nicole CaspersonbyNicole Casperson
July 30, 2019
in Best Practices
Reading Time: 2 mins read
0

In the wake of Capital One Financial’s data breach, auto lenders should evaluate ways to tighten up cybersecurity and identify points of vulnerability.

The breach compromised 140,000 Social Security Numbers, and 80,000 bank account numbers were made available, according to the bank’s response to the breach. However, the impact might be “somewhat contained,” said Brian Landau, senior vice president and TransUnion’s auto line of business leader.

“Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual,” the bank noted. “However, we will continue to investigate.”

Yet, the threat alone should be enough to prompt auto lenders to double-check their cybersecurity practices, said Jeremy Acevedo, Edmunds‘ manager of industry analysis. “On the heels of a wave of massive data breaches, the auto loan industry needs to redouble security and search for any points of vulnerability,” he said. “With so many involved parties in the auto loan process, it is imperative to get buyers, dealers and lenders on the same page.”

Auto loans include a full complement of sensitive personal data, from SSNs and contact information to employment and vehicle information. “In the wrong hands, this is a treasure trove of information that can be put to ill-use,” Acevedo added.

To that end, lenders should ensure that dealer partners are taking the necessary measures to prevent cyber attacks, Landau said. “With the indirect model today — dealers are [lenders’] first line of defense,” he said. “[Lenders] who are interacting in a digital way need to be more judicious in their ID tech.”

The best tip for lenders is to move away from sharing consumers’ SSNs on the internet via their dealerships’ online financing. “Lenders want consumers to have the ability to reduce friction online,” Landau said, noting that consumers may shy away from a lender’s online portal if they have to share SSNs. In fact, a lender can give a consumer a prequalification with just a name and physical address, Landau said.

Franchise dealership Burlington Volkswagen, for one, is a New Jersey-based dealership that does not require a SSN as a part of its prequalification process, said Ken Luna, vice president of strategic partnerships at CreditMiner. “Dealers should get rid of their financing app online to require SSNs,” Luna said. “It’s easy to misuse it, and it’s easy to fall into the wrong hands.”

CreditMiner, a company that provides bureau data to 1,000 dealership partners, argues that instead, a consumers’ SSN should be shared in person at the dealership once the consumer is ready for a qualified offer. “We are an extension of the credit bureaus,” Luna said. “For [Equifax] to get hacked as they did and continue to use SSNs in the prequalification process — it’s crazy.”

Capital One Financial’s stock was down 7.39%, trading at $89.80 per share on the New York Stock Exchange at press time. The company has a market capitalization of $42.3 billion.

Tags: capital onedata breachEquifaxfraud
Previous Post

Ford Credit scales back leasing

Next Post

SNAAC’s SVP of servicing joins AFS speaker faculty

Related Posts

TJ Villanueva, vice president and associate counsel at GM Financial, speaks at Auto Finance Summit East 2025.
Best Practices

3 words of compliance advice from GM Financial counsel 

May 21, 2025
The US Consumer Financial Protection Bureau headquarters in Washington, DC.
Best Practices

Assessing compliance, risk for undocumented borrowers 

April 4, 2025
Cars lined up in a parking lot
Best Practices

5 questions with … Synchrony SVP of Credit Acquisition Strategy Anita Chalkley

April 1, 2025
Next Post
© Can Stock Photo / cecilialim

SNAAC’s SVP of servicing joins AFS speaker faculty

Please login to join discussion

Stay Informed with Our Newsletters

PowerSports Finance

The Roadmap Podcast

ABOUT US

HELP CENTER

ADVERTISE

PRIVACY TERMS

ADA COMPLIANCE

CODE OF JOURNALISM ETHICS

Manage Cookie Consent

EXECUTIVES OF THE YEAR

AUTO FINANCE EXCELLENCE AWARDS

MAGAZINE ARCHIVE

INDUSTRY GLOSSARY

facebook linkedin twitter podcast podcast
© 2025 Royal Media
No Result
View All Result
  • Home
  • News
    • All News
    • Capital & Funding
    • EVs
    • Technology
    • Management
    • Powersports Finance News
    • Risk Management
    • Sales & Marketing
  • Events
    • Auto Finance Summit East
    • Equipment Finance Connect
    • Auto Finance Summit
    • PowerSports Finance Summit
  • Features
    • Latest Issue
    • Features
    • New Tracks
    • Car Culture
    • Staffing Shuffles
    • Under The Hood
    • Spotlight
    • Issue Archive
  • Webinar
  • Podcast
  • Big Wheels Data
  • SUBSCRIBE
  • Log In / Account

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Home
  • News
    • All News
    • Capital & Funding
    • EVs
    • Technology
    • Management
    • Powersports Finance News
    • Risk Management
    • Sales & Marketing
  • Events
    • Auto Finance Summit East
    • Equipment Finance Connect
    • Auto Finance Summit
    • PowerSports Finance Summit
  • Features
    • Latest Issue
    • Features
    • New Tracks
    • Car Culture
    • Staffing Shuffles
    • Under The Hood
    • Spotlight
    • Issue Archive
  • Webinar
  • Podcast
  • Big Wheels Data
  • SUBSCRIBE
  • Log In / Account

THIS WEBSITE USES COOKIES

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “I CONSENT”, you consent to the use of ALL the cookies.

Cookie settingsI CONSENT

Review our Cookie Policies
.
Manage Cookie Consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
34f6831605sessionGeneral purpose platform session cookie, used by sites written in JSP. Usually used to maintain an anonymous user session by the server.
a64cedc0bfsessionGeneral purpose platform session cookie, used by sites written in JSP. Usually used to maintain an anonymous user session by the server.
CookieConsentPolicy1 yearUsed to apply end-user cookie consent preferences set by our client-side utility.
cookielawinfo-checkbox-advertisement1 yearSet by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
crmcsrsessionGeneral purpose platform session cookie, used by sites written in JSP. Usually used to maintain an anonymous user session by the server.
JSESSIONIDsessionThe JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application.
LS_CSRF_TOKENsessionCloudflare sets this cookie to track users’ activities across multiple websites. It expires once the browser is closed.
LSKey-c$CookieConsentPolicy1 yearUsed to apply end-user cookie consent preferences set by our client-side utility.
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
CookieDurationDescription
__cf_bm30 minutesThis cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
_zcsr_tmpsessionZoho sets this cookie for the login function on the website.
663a60c55dsessionThis cookie is related to Zoho (Customer Service) Chatbox
e188bc05fesessionThis cookie is set in relation to Zoho Campaigns
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
CookieDurationDescription
_ga2 yearsThe _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid1 dayInstalled by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT2 yearsYouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
vuid2 yearsVimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
CookieDurationDescription
__Host-GAPS2 yearsThis cookie allows the website to identify a user and provide enhanced functionality and personalisation.
_dc_gtm_UA-1038974-31 minuteUsed to help identify the visitors by either age, gender, or interests by DoubleClick - Google Tag Manager.
_fbp3 monthsThis cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
fr3 monthsFacebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
test_cookie15 minutesThe test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE5 months 27 daysA cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSCsessionYSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devicesneverYouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-idneverYouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextIdneverThis cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requestsneverThis cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
CookieDurationDescription
caf_ipaddrsessionNo description available.
citysessionNo description available.
countrysessionNo description available.
gnt_eidsessionNo description available.
gnt_eu6 hoursNo description
iamcsrsessionZoho (Customer Support) sets this cookie and is used for tracking visitors (for performance purposes)
systemsessionNo description available.
traffic_targetsessionNo description available.
Save & Accept
Powered by CookieYes Logo