Dealers hammered by outage

Car dealerships across North America are grappling with significant disruptions following cyberattacks on a major software provider, CDK Global, which serves thousands of auto dealers in the U.S. and Canada.

On June 19, CDK Global experienced two consecutive cyberattacks targeting dealer management systames, resulting in a prolonged outage that continues to affect dealership operations. This has led to delays for prospective car buyers. Orders are being processed manually, with pen and paper. Some media reports indicate that repair orders can’t be completed because it has to run through the computer system to be closed.

The company is calling the cyberattack “a ransom event” with Bloomberg reporting the attack being linked to a group called BlackSuit. Bloomberg also reported that the ransom was set at tens of millions of dollars and that CDK was planning to pay.

“When you see an attack of this kind, it almost always ends up being a ransomware attack,” Cliff Steinhauer, director of information security and engagement at the National Cybersecurity Alliance, told the Associated Press. “We see it time and time again unfortunately, [particularly in] the last couple of years. No industry and no organization or software company is immune.”

CDK anticipates the restoration process to not happen earlier than the end of June, according to a memo sent to dealers and seen by Reuters. The company has asked dealers to make alternate plans for their month-end financial closing processes.

Illinois-based CDK is in about 15,000 dealerships across Canada and the U.S., according to the company. It’s a crucial player in the auto sales industry, providing software for daily operations such as vehicle sales, financing, insurance, and repairs. According to Reuters, the cyber attack has impacted about half of Volkswagen dealers and around 60 per cent of Audi’s dealers in the U.S.

In response to the cyberattacks, the Associated Press reported that CDK shut down all its systems as a precautionary measure and has since begun the restoration process. The company has launched an investigation with third-party experts and notified law enforcement. CDK has also warned customers of potential phishing attempts by bad actors posing as CDK affiliates.

Major auto companies like Stellantis, Ford, and BMW confirmed to The Associated Press that the CDK outage has impacted some of their dealers, but sales operations continue. Stellantis noted that many dealerships have reverted to manual processes, including writing up orders by hand.

A Florida man is now suing CDK in a potential class action lawsuit, saying the company neglected to safeguard his private information and claims that his private information — including his Social Security number, financial details, credit card numbers and bank account information — was impacted in the breach. He further claims the software company should have been better prepared for the cyberattack, given the prevalence of such risks.