Massive Cyberattacks Are Hitting More Than 15,000 Dealerships Right Now

Plainfield Circa September 2020: Chevrolet Automobile Dealership. Chevy Is A Division Of General Motors And Makes The Silverado, Camaro And Impala.
ADVERTISEMENT

If you’re looking at buying a car over the next 24 hours or so, there’s a good chance that process got much harder, depending on where you’re buying from. CDK Global, the largest provider of dealer management services in North America, has been subject to not one, but two cyberattacks in the past two days, and while the implications for immediate operations at dealerships using the firm’s services are clear, the picture of the total fallout looks murky at best.

On Wednesday morning, CDK Global shut down its services due to what it called a “cyber incident,” plunging more than 15,000 dealerships across North America back into the 1980s. See, CDK is a leading provider of dealer management software, which covers everything from parts invoicing to payroll. Soon after, the firm issued this statement:

Erring on the side of caution, we proactively shut all systems down and executed extensive testing and consulted with external third-party experts. With the work done so far, our core DMS and Digital Retailing solutions have been restored. We are continuing to conduct extensive tests on all other applications, and we will provide updates as we bring those applications back online. Our first priority is always the security of our customers, and our actions reflect our obligation to them as a trusted partner.

By Wednesday afternoon, it seemed like things were clearing up. Automotive News reported that CDK claimed its dealer management system was unaffected by the cyberattack, and service started to be restored. While not every piece of CDK software was back online, things started to look hopeful. The situation started looking less hopeful later that evening, because another cyberattack happened. Here’s the latest statement from CDK, as published by Automotive News:

We are sorry to inform you that we experienced an additional cyber incident late in the evening on June 19th. Out of continued caution and to protect our customers, we are once again proactively shutting down most of our systems.

We are currently assessing the overall impact and consulting with external third-party experts. At this time, we do not have an estimated time frame for resolution and therefore our dealers’ systems will not be available at a minimum on Thursday, June 20th.

Well, that’s not good. As of right now, continuing operations appears to be a scramble. Some dealerships are going back to paper invoices. Others are dealing with phone system issues, given how some use CDK’s customer communications systems. Dealers using Reynolds and Reynolds or Dealertrack are continuing operations as normal, as software from competing firms is unaffected, but still, while the lighting has flashed, the flood is yet to come in. See, the motive and wider effects of these cyberattacks have yet to be released, and depending on how far deep things go, it could affect more than just internal operations.

Honda Dealer Average New Vehicle Transaction Price
Photo credit: yonkershonda licensed under CC BY-SA 2.0

While CDK Global is most known for its dealer management system, it also offers finance and insurance software, including the ability to run credit checks on customers. If a substantial data breach has occurred, information leaks could go far beyond the personal identifying information of dealership employees. Granted, as of Thursday, it’s not known if these cyberattacks exposed customer data, but this is something to hold tight on.

Support our mission of championing car culture by becoming an Official Autopian Member.

Relatedbar

Got a hot tip? Send it to us here. Or check out the stories on our homepage.

About the Author

View All My Posts

71 thoughts on “Massive Cyberattacks Are Hitting More Than 15,000 Dealerships Right Now

  1. I work at a dealership that was affected, we’re just writing paper invoices by hand and trying to work around CDK not existing, but a lot of our wholesale customers are going to other dealerships that are still operational, so this’ll definitely cut into our sales numbers. And that’s not even getting into the potential fallout from customer data getting into the wrong hands.

    1. > customer data getting into the wrong hands

      Customer data is already in the salespeople’s hands. How much worse can it get?

  2. I work at a dealership that was affected, we’re just writing paper invoices by hand and trying to work around CDK not existing, but a lot of our wholesale customers are going to other dealerships that are still operational, so this’ll definitely cut into our sales numbers. And that’s not even getting into the potential fallout from customer data getting into the wrong hands.

    1. > customer data getting into the wrong hands

      Customer data is already in the salespeople’s hands. How much worse can it get?

  3. I’ve been an incident responder in cybersecurity since 2016. If CDK is following a good playbook they are isolating the various parts of the infrastructure from each other, their clients and the internet. This is what Colonial Pipeline did in response to their incident and it was very effective in limiting the scope and allowed them to recover relatively quickly. It’s painful for now, but hopefully they have a good recovery plan as well.

  4. I’ve been an incident responder in cybersecurity since 2016. If CDK is following a good playbook they are isolating the various parts of the infrastructure from each other, their clients and the internet. This is what Colonial Pipeline did in response to their incident and it was very effective in limiting the scope and allowed them to recover relatively quickly. It’s painful for now, but hopefully they have a good recovery plan as well.

  5. I bet I’m not the only one who looked at the RSS feed and read:

    “Massive Cybertrucks Are Hitting More Than 15,000 Dealerships Right Now”

    I am? Okay.

  6. I bet I’m not the only one who looked at the RSS feed and read:

    “Massive Cybertrucks Are Hitting More Than 15,000 Dealerships Right Now”

    I am? Okay.

Leave a Reply