A centralized database used by 128 auto dealerships was found leaking unencrypted personally identifiable information (PII).
A centralized database used by 128 auto dealerships was found leaking unencrypted personally identifiable information (PII).

Security researchers discovered millions of car dealership customers' information leaking from an online database. The leaked data originated from a database product known as LightYear.

A centralized database used by 128 auto dealerships was found leaking unencrypted personally identifiable information (PII), a MacKeeper blog post claimed.

The leaked data included full names, addresses, phone numbers, social security numbers, payroll data, and other information belonging to customers and employees of the car dealerships.

The LightYear product is sold to car dealerships as a centralized ‘dealer management system' that provides inventory management, sales, customer management, and finance, and payroll.

MacKeeper researchers said they discovered the information on Shodan, a search engine of insecure internet-connected databases and devices. The same Shodan query method helped security researcher Chris Vickery discover MacKeeper leaking 13 million account details.