CDK Global, a leading Software-as-a-Service (SaaS) platform for car dealerships, has been hit by two consecutive cyberattacks, causing widespread disruption across the automotive industry. The company, which provides essential software for dealership operations, including sales, inventory management, and customer service, is now facing a significant crisis.
Timeline of the Attacks
The first breach occurred on Tuesday night, June 18, 2024, forcing CDK Global to shut down its data centers, IT systems, and login services. As the company was in the process of restoring its services, a second attack struck late Wednesday evening, June 19, compelling CDK to once again take down most of its systems.
Impact on Car Dealerships
The cyberattacks have led to massive outages, affecting thousands of car dealerships across the United States. Dealerships are unable to conduct normal operations, including:
- Servicing vehicles
- Selling new cars
- Accessing inventory systems
- Processing financing applications
- Performing back-office functions
Brad Holton of Proton Dealership IT, owned by CDK competitor Reynolds and Reynolds, reported that all of his customers remain affected, with limited information being shared by CDK about the incident.
Major Automotive Groups Affected
The outages are impacting some of the largest automotive dealers in the world. Penske Automotive Group confirmed that its commercial truck dealership, Premier Truck Group, has been affected. The company stated:
Our Premier Truck Group business utilizes CDK, and its systems are disrupted. The commercial truck dealership business has lower volumes than the automotive business and principally serves business customers. Premier Truck Group has implemented its business continuity response plans and continues to operate through manual processes developed to respond to such incidents.
Restoration Efforts and Concerns
CDK Global initially aimed to bring systems back online by Friday, June 21. However, a more recent update indicates that the company can no longer provide an estimated timeframe for resolution, and the outage is likely to continue for several more days
Cybersecurity and IT professionals in the automotive industry have expressed concerns that CDK may be moving too quickly to restore services, potentially increasing the risk to its customers. There are worries that not properly investigating the scope of the breach before bringing servers back online could lead to further cyberattacks and a greater risk of customer data theft.
Impact on Car Buyers and Owners
The cyberattacks are not only affecting dealerships but also impacting customers who want to purchase new cars or service existing ones. Many potential buyers have reported being turned away from dealerships due to system outages. Car owners seeking service may face delays in receiving parts due to inventory system failures.
CDK Global’s Response
CDK Global spokesperson Lisa Finney stated:
Late in the evening of June 19, we experienced an additional cyber incident and proactively shut down most of our systems. In partnership with third-party experts, we are assessing the impact and providing regular updates to our customers. We remain vigilant in our efforts to reinstate our services and get our dealers back to business as usual as quickly as possible.
The company is working with external cybersecurity experts to investigate the incidents and restore services. However, as of now, most of CDK’s systems remain offline, and dealers are advised not to attempt accessing the Dealer Management System (DMS) until it is confirmed secure.
Ongoing Concerns and Future Implications
This double cyberattack on CDK Global highlights the vulnerability of SaaS platforms in the automotive industry. As dealerships increasingly rely on digital systems for their operations, the potential impact of such breaches becomes more severe. The incident serves as a stark reminder of the importance of robust cybersecurity measures and the need for comprehensive incident response plans in the automotive sector.