Cyberattack Shuts Down Auto Dealerships Across the US
Published On: June 24th, 2024
Key Points:
- CDK Global, a software provider for auto dealerships, was hit by a cyberattack
- The attack disrupted operations for over 15,000 car dealerships across the U.S.
- Dealerships were forced to resort to manual processes like paper record-keeping
- The attack potentially compromised the sensitive financial details of millions of customers
- CDK Global has begun restoring some services but continues to investigate the incident
Car dealerships across the United States have been thrown into chaos following a major cyberattack on CDK Global, a leading software provider in the automotive industry. The attack, which occurred late Tuesday night, caused CDK Global to shut down its systems, leaving many dealerships unable to conduct normal business operations.
Content
Incident Overview
CDK Global provides a comprehensive SaaS platform that manages various dealership functions, including customer relationship management (CRM), financing, payroll, support services, inventory management, and back-office operations. The cyberattack forced the company to take its systems offline, disrupting the activities of more than 15,000 dealerships across North America.
Brad Holton, CEO of Proton, a cybersecurity firm serving the auto industry, reported that the attack began around 2 a.m. Eastern Time. Dealerships relying on CDK’s services found themselves unable to access critical systems, leaving employees to revert to manual processes. Some dealerships, such as a BMW store in Manhattan, had to halt all new business, including scheduling appointments and servicing vehicles.
Impact on Dealerships
The disruption has been extensive, with dealerships unable to access customer records, set appointments, or print repair orders. Employees at several locations have had to use spreadsheets and post-it notes to manage parts and services, while some dealerships have sent employees home due to the outages.
Restoration Efforts
CDK Global has started restoring some of its core systems, including its Dealer Management System (DMS) and digital retailing solutions. However, many services remain non-operational as the company continues to conduct extensive testing and investigations to determine the full impact of the cyberattack.\
Potential Data Compromise
There are concerns that the cyberattack may have compromised sensitive financial details for millions of customers. The situation is still evolving, and CDK Global has yet to provide a detailed account of the incident. Speculations suggest it might be a ransomware attack, which could prolong the disruption as negotiations and data recovery efforts occur.
Conclusion
This incident highlights the critical importance of cybersecurity in the automotive industry, which relies heavily on integrated software systems. As CDK Global works to restore its services, dealerships and their customers face ongoing uncertainty and operational challenges. The company’s priority remains the security of its customers, reflecting its commitment to addressing the breach and preventing future incidents.