CDK, a software maker that provides customer management software to car dealerships and auto shops across North America, is facing significant disruptions due to back-to-back cyberattacks. The attacks, reportedly ransomware, began on June 19 and have caused widespread outages for CDK’s dealership customers.
The company has stated that it will take several days to bring its systems back online. CDK spokesperson Lisa Finney confirmed that they have started the restoration process and are actively engaging with customers to provide alternate ways to conduct business. However, no specific timeline for recovery has been provided.
CDK’s flagship dealer management software, which is crucial for dealerships and auto shops to handle customer and vehicle records, remains largely inoperable. This has led to ongoing outages for various companies that rely on CDK software, such as Group 1 Automotive, Sonic Automotive, and Penske.
Group 1 Automotive, one of the largest car dealerships in the United States, reported continued disruption across its operations due to the CDK cyberattack. Similarly, Sonic Automotive and Penske have also experienced varying levels of outages.
The severity of the cyberattacks has prompted the hackers to demand tens of millions of dollars in ransom from CDK. It is unclear whether the company plans to pay the ransom, as CDK’s spokesperson declined to comment on the matter.
One concern arising from the ongoing incident is the potential theft of customer data. Sonic Automotive stated that it is unable to determine if any customer data was stolen while the incident is ongoing.
The impact of these cyberattacks extends beyond CDK and its customers. The automotive industry relies heavily on technology, and disruptions to critical software systems can have far-reaching consequences.
In conclusion, CDK’s ongoing cyberattacks and resulting outages have created significant challenges for car dealerships and auto shops across North America. The company is working towards restoring its systems but has yet to provide a specific timeline. The incident highlights the increasing threat of cyberattacks in the automotive industry and the need for robust cybersecurity measures to protect sensitive customer data.