Vehicles outside a dealership in Colorado. CDK Global, a company that provides software for thousands of car dealers in the US and Canada, was hit by back-to-back cyberattacks. Photo / David Zalubowski, AP, File
Car dealerships across North America faced major disruptions after back-to-back cyberattacks struck CDK Global, a company that provides software for thousands of dealers.
An Eastern European cybercrime group was demanding an extortion payment, according to a Bloomberg report on the weekend.
The attacks led to an outage on Wednesday across the US and Canada. And even this morning, the problem was unresolved, with the software company telling CNN it would take several days to complete necessary repairs.
For prospective car buyers, that could mean delays at dealerships or vehicle orders written up by hand.
Thad Szott, whose family owns dealerships in Michigan, told the Detroit Free Press at least half the dealers nationwide were struggling with the situation. He sells Ford, Chrysler, Jeep, Dodge, Ram and Toyota.
“CDK is basically our operating system inside our dealerships that does all of our accounting, supports us working with lease payments, cash prices, look up parts, write up repair orders. Basically, everything that operates inside the dealership on the computer,” Szott told the Detroit newspaper.
“Rumour is there is some type of ransom demand and they had to shut down the system to make sure there was no data leak,” Szott added.
CDK Global is a major player in the auto sales industry. The company, based just outside of Chicago, provides software technology to dealers that helps with day-today operations — like facilitating vehicle sales, financing, insurance and repairs.
CDK was “actively investigating a cyber incident” and the company shut down all of its systems out of an abundance of caution, spokesperson Lisa Finney said on Wednesday.
Finney said CDK “executed extensive testing,” consulted third-party experts, and restored its core DMS and Digital Retailing solutions by the afternoon.
But CDK experienced another “cyber incident” on Wednesday evening, Finney said in a update the following day.
“We remain vigilant in our efforts to reinstate our services and get our dealers back to business as usual as quickly as possible,” she said.
As of Friday morning, US time, a recorded message from CDK on a hotline detailing updates for its customers said “we do not have an estimated time frame for resolution — and therefore our dealer systems will not be available, likely for several days.”
The message added that the company was aware of “bad actors” posing as members or affiliates of CDK to try to obtain system access by contacting customers.
Phishing scam warning
It urged employers to be cautious of any attempted phishing.
Several major auto companies — including Stellantis, Ford and BMW — confirmed to The Associated Press on Friday that the CDK outage had impacted some of their dealers, but that sales operations continue.
In light of the ongoing situation, a spokesperson for Stellantis said many dealerships had switched to manual processes to serve customers.
A Ford spokesperson said the outage might cause “some delays and inconveniences at some dealers and for some customers”.
But many Ford and Lincoln customers were still getting sales and service support through alternative routes being used at dealerships.
With many details of the cyberattacks still unclear, customer privacy was also at top of mind — especially with little known about what information may have been compromised this week.
In a statement sent to the AP on Friday, Mike Stanton, president and CEO of the National Automobile Dealers Association, said dealers were very committed to protecting customer information.
Stanton said the association was actively seeking information from CDK to determine the nature and scope of the cyber incident so that dealers could respond appropriately.
Stanton added: “Thousands of franchised new-car dealerships rely on CDK to run their businesses and this outage has impacted dealers’ ability to provide a seamless customer experience and process transactions efficiently”.
Car manufacturer Ford told CNN it was working with dealers to set up alternative software systems and other workarounds.
In March this year, confidential New Zealand client information was stolen in a cyberattack and blackmail attempt by overseas hackers against a software company providing services to car dealers and workshops.
Software company Auxo went to the High Court to get a restraining order to try to stop anyone using or sharing client information that might be published online.