3rd Party Risk Management , Governance & Risk Management , Incident & Breach Response
Auto Dealerships Using CDK Global Hit With Cyber Disruptions
Auto Dealership Tech Firm Confirms System Shutdowns After Multiple Cyber IncidentsAuto dealerships across the United States and Canada are grappling with major disruptions and entire systems shutting down amid consecutive cyber incidents affecting CDK Global.
See Also: Gartner Market Guide for DFIR Retainer Services
The dealership software solutions company confirmed it was investigating a second cyber incident late Wednesday night after shutting down most of its systems "out of an abundance of caution and concern for our customers," a spokesperson said in a statement. An estimated 15,000 car dealerships throughout the U.S. and Canada use CDK Global systems to maintain records and sensitive data about communications and negotiated deals.
By Thursday, the company had informed car dealerships across North America that it was continuing to assess the impact of the incidents while working to reinstate services "and get our dealers back to business as usual as quickly as possible."
The National Automobile Dealers Association, a trade body representing the $1.2 trillion retail auto dealership sector, said its members are "actively seeking information from CDK to determine the nature and scope of the cyber incident so they can respond appropriately.”
The incident comes during the summer season, when car sales generally increase - along with temperatures - in most parts of the United States and as experts tell Information Security Media Group that car dealerships are facing increasingly sophisticated threats.
Major auto companies such as Ford and BMW have reported disruptions at some of their dealerships, though the full extent of the impact from the cyber incidents remains unclear. The CEO of a dealership chain in Florida and Georgia compared the outage to a hurricane and told Automotive News that operations are being conducted manually with pen and paper.
An owner of five luxury car dealerships in New York and New Jersey told CBS the incident has effectively shut down new business. "We cannot process paperwork. Everything is frozen. Everything is tied up," he said.
A receptionist at a Philadelphia dealership told Bloomberg that the outage means "we can't access customer records, can't set certain appointments. We can't even print a repair order."
The incident reveals how attacks against third party-run infrastructure can have a devastating effect, said Cliff Steinhauer, director of information security and engagement for the National Cybersecurity Alliance. "This incident not only disrupted essential operations across a vast network of dealerships but also exposed significant vulnerabilities in digital infrastructure and customer data management systems," he said.
CDK Global in a 2023 report said only a slim majority of car dealers are confident in their digital defense.
Steinhauer urged dealerships to invest in and implement advanced threat detection, robust encryption protocols and comprehensive employee training to bolster their defenses and protect sensitive customer information. "Vigilance and proactive security strategies are essential to mitigating risks and maintaining trust in the digital age," he said.