CDK cyberattack shuts down auto dealerships across the U.S. Here’s what you need to know.

What to do if you believe your personal data has been hacked


What to do if you believe your personal data has been hacked

03:12

CDK Global, a company that provides auto dealers across the US with sales management software and other services, has been hacked, causing the company to temporarily shut down most of its systems.

This is effectively preventing around 15,000 car dealers from making sales. General Motors dealerships rely on CDK’s systems, as does Group 1 Automotive, an auto retailer with hundreds of dealerships across the U.S. Holman, with dealerships in eight U.S. states, is another customer of CDK.

“We are actively investigating a cyber incident,” a CDK spokesperson told CBS News on Wednesday. “Out of an abundance of caution and concern for our customers, we have shut down most of our systems and are working diligently to get everything back up and running as soon as possible.”

Later Wednesday afternoon, CDK said that after conducting tests and consulting with third-party experts, some of its systems were back up and running.

“With the work done so far, our essence [dealer management system] and digital retail solutions are back. We are continuing to conduct extensive testing on all other applications and will provide updates once we bring those applications back online,” CDK said in a statement to CBS MoneyWatch.

However, CDK told CBS MoneyWatch on Thursday afternoon that its systems were offline again after suffering another cyber attack on Wednesday.

“Late on the evening of June 19, we experienced an additional cyber incident and proactively shut down most of our systems,” the spokesperson said. “In partnership with third-party experts, we are assessing the impact and providing regular updates to our customers. We remain vigilant in our efforts to restore our services and get our merchants back to business as usual as soon as possible be possible.”

Calls to a CDK customer support hotline produced a constant busy signal. But the company’s automated filing said the outage could affect merchants for days, according to PC Mag. The message told callers: “At this time, we do not have an estimated time frame for the resolution and therefore our merchant systems will be unavailable for several days,” the publication reported.

The number of cyber attacks has been on the rise in the past year, with more than 3,200 data breaches in 2023, a 78% increase from the previous year, according to new research from data firm SOAX. These violations affected more than 65 million victims last year, he added.

CDK’s merchant management system, or DMS, is a hub that allows businesses to monitor operations from a single interface, while its retail tools allow retailers to transact online and in-store.

What is CDK?

CDK provides vendors with tools to manage payroll, inventory and back office operations.

On its website, it also promotes its cyber security skills. “CDK Cybersecurity Solutions provides a three-tiered cybersecurity strategy to prevent, defend and respond to cyberattacks so you can protect your retailer,” he says.

When did the cyber attack start?

The cyberattack on CDK Global began Tuesday evening, Bleeping Computer, a cybersecurity news site, reported Wednesday, taking offline the 15,000 car dealerships it serves.

As mentioned above, CDK said it suffered another cyber attack on Wednesday evening.

It is currently unknown who or what group is behind the cyber attack.

How are sellers reacting?

Some vendors appeared to get creative to continue doing business during the outage. Employees of the dealership posted about the outage on Reddit Wednesday, sharing that they were relying on signs and sticky notes to sell customers small parts and make repairs, but that they weren’t doing any large transactions.

One employee asked the other dealership employees, “How many of you are standing around because your entire store runs on CDK?” under the headline “CDK down,” with users in Wisconsin and Colorado confirming their vendor transaction systems were offline.

Leave a Comment