Numerous prominent car dealership corporations in the United States have reported disruptions as a result of a ransomware attack on CDK Global, a widely utilized software company by car dealers throughout North America. The assault, which commenced last Tuesday, has compelled CDK Global to cease operations, leading to substantial work stoppages at numerous dealerships. The affected car dealership corporations, including Lithia Motors, Group 1 Automotive, Penske, and Sonic Automotive, have all notified the U.S. Securities Exchange Commission (SEC) about the disturbances caused by the cyberattack.
CDK Global’s principal offering is a software as a service platform that plays a pivotal role in overseeing various facets of dealership operations such as customer relationships, sales, financing, service, inventory, and back-office functions.
In response to the attack, the SEC filings disclosed that the affected corporations have had to implement incident response plans to ensure ongoing operations, despite the CDK Global systems being offline. Even though precautionary measures have been taken, such as severing connections with CDK and implementing business continuity plans, Sonic Automotive has expressed uncertainty regarding the extent to which customer data may have been accessed by the threat actor.
The impact of the cyberattack on the affected corporations is currently under evaluation, with considerations regarding the potential financial ramifications. While CDK Global is endeavouring to restore its dealer management system, the specific timeline for complete recovery remains uncertain, leaving the affected corporations to operate using manual or alternative procedures developed in response to such incidents.
There have been reports that CDK Global is in discussions with the ransomware gang responsible for the attack, suggesting that the company is deliberating on paying the ransom. Furthermore, there have been reports of hackers posing as CDK staff in an attempt to gain unauthorized access to systems, prompting CDK to provide customers with precautionary prerecorded messages.
With CDK Global’s systems being utilized by over 15,000 car dealerships across North America, the impact of the cyberattack is widespread, affecting crucial operations such as car sales, repairs, registrations, and other essential services.
Jonathan Greig, a Breaking News Reporter at Recorded Future News, provided the updates on this cyber incident. With experience as a journalist across the globe, Jonathan’s coverage on cybersecurity brings valuable insights into the evolving landscape of cyber threats and their impact on businesses.
As the affected car dealerships continue to grapple with the aftermath of the cyberattack, the industry will be closely monitoring the developments, with a particular focus on the measures taken by CDK Global to restore its systems and mitigate the impact on its customers.