CDK Global, a leading provider of software solutions to auto dealerships across the United States, has fallen victim to a severe cyberattack, prompting widespread disruption and urgent efforts to restore operations for its approximately 15,000 dealership clients nationwide.
The cyber incident began with an initial intrusion reported on Tuesday evening, severely impacting CDK’s ability to support critical dealership functions. Major clients such as General Motors dealerships, Group 1 Automotive, and Holman Automotive rely heavily on CDK’s systems for managing sales, inventory, payroll, and other essential operations.
Responding swiftly to the breach, CDK took immediate action by temporarily shutting down most of its operations as a precautionary measure. A spokesperson for CDK confirmed to CBS News that the company is actively investigating the cyber incident and working diligently to restore full functionality across its platforms.
Many auto dealerships noted that they are handing out post it notes and using excel spreadsheets according to reddit. Some claim that large jobs are not happening at any dealerships at the moment.
Despite initial progress made in restoring its core dealer management system (DMS) and Digital Retailing solutions by Wednesday afternoon, CDK faced another cyberattack later that day, necessitating another shutdown of its systems.
“We experienced an additional cyber incident and proactively shut down most of our systems,” the spokesperson explained. “We are assessing the impact in partnership with third-party experts and providing regular updates to our customers.”
These successive cyberattacks underscore the growing threat posed by cybercrime, which has seen a significant rise in recent years. According to data from SOAX, there were over 3,200 data breaches in 2023 alone, affecting more than 65 million individuals—an alarming 78% increase from the previous year.
ADVERTISEMENT
CDK Global’s DMS is a crucial component for dealerships, facilitating comprehensive management of daily operations and customer interactions, both online and in showrooms. The disruption has forced dealership staff to resort to manual methods such as spreadsheets and handwritten notes to handle minor transactions and repairs, while larger transactions and regular operations remain severely impacted by the system outage.
Known for its robust cybersecurity measures, CDK Global employs a proactive three-tiered strategy aimed at preventing, protecting, and responding to cyber threats. This incident highlights the company’s dedication to safeguarding dealership data and operations against potential breaches.
As investigations into the cyber incidents continue, the identity and motives of the attackers remain unknown. CDK Global continues to provide updates to affected dealerships as it works tirelessly to restore services and minimize disruptions.
Details about the cause of the incident, which forced numerous dealerships to rely on paper records for routine services, have been sparse, according to Proton Vice President Brad Holton. He added that while some services had been restored by Wednesday afternoon, issues persisted with others.
Affected dealerships included a BMW store in Manhattan, which had to delay car servicing and appointment scheduling, and Barbera’s Autoland in Philadelphia, which experienced disruptions in customer record access and repair order printing capabilities.
National Automobile Dealers Association President and CEO Mike Stanton has indicated the organization’s efforts to gather additional information about the incident from CDK.
ADVERTISEMENT
