CDK Global, a provider of software solutions to auto dealerships across the United States, has fallen victim to a significant cyberattack. This CDK Global cyberattack has forced the company to temporarily shut down most of its systems, effectively bringing sales operations at approximately 15,000 car dealerships to a standstill.
The cyberattack on CDK Global has had a profound impact on major clients of CDK Global, including General Motors dealerships, Group 1 Automotive, and Holman, which operates dealerships across eight U.S. states. These dealerships rely heavily on CDK’s software to manage their daily operations, from sales transactions to inventory management.
“We are actively investigating a cyber incident. Out of an abundance of caution and concern for our customers, we have shut down most of our systems and are working diligently to get everything up and running as quickly as possible”, a CDK spokesperson told CBS News.
According to the news reports, CDK reported that they had restored some of their systems after conducting extensive tests and consulting with third-party experts.
“With the work done so far, our core dealer management system and Digital Retailing solutions have been restored. We are continuing to conduct extensive tests on all other applications and will provide updates as we bring those applications back online,” CDK stated in a communication to CBS MoneyWatch.
CDK Global’s dealer management system (DMS) serves as a central hub that allows dealerships to monitor their operations from a single interface. Their retail tools enable dealerships to conduct transactions both online and in showrooms. These tools are essential for managing payroll, inventory, and various office operations.
CDK also prides itself on offering robust cybersecurity solutions, as stated on its website: “CDK Cybersecurity Solutions provide a three-tiered cybersecurity strategy to prevent, protect, and respond to cyberattacks so you can defend your dealership.
Dealerships’ Response to the CDK Global Cyberattack
The sudden outage has caused widespread disruption among car dealerships. Many have been forced to find creative solutions to continue their operations. Dealership employees took to Reddit to discuss the challenges they were facing. They reported relying on spreadsheets and sticky notes to handle small parts sales and repairs, while larger transactions were effectively halted.
One employee questioned others on Reddit, asking, “How many of you are standing around because your whole shop runs on CDK?” Responses from users in Wisconsin and Colorado confirmed that their dealership systems were offline, causing significant operational delays.
The CDK Global Cyberattack has left many employees with little to do, with some dealerships sending staff home due to the inability to conduct normal business operations. “We are almost to that point… no parts, no ROs, no times… just dead vehicles with nothing to show for them or parts to fix them,” lamented one dealership employee on Reddit.
Another employee shared, “Excel spreadsheets and post-it notes for any parts we’re handing out. Any big jobs are not happening,” highlighting the extent to which the disruption has impacted their workflow.
Potential Ransomware Attack
While CDK Global has not released an official statement on the nature of the cyberattack, rumors and reports suggest that the company may have suffered a ransomware attack that also impacted its backups. If it indeed was a ransomware attack, the outages could persist for several days, potentially stretching into the next week or longer.
The Cyber Express Team tried to reach out to CDK Global to get an official statement and know more details about the cyberattack, however, as of writing this news report no response has been received.