Car dealerships’ software shut down after cyberattack
- CDK Global is a leading provider of cloud-based software to dealerships.
- The company shut down most of its systems “out of an abundance of caution” for customers on Wednesday.
- Dealerships have had to resort to handwritten forms to continue operations.
A cyberattack on software provider CDK Global upended has operations at car dealerships across the U.S.
The company shut down most of its systems “out of an abundance of caution” for customers on Wednesday, according to CDK spokesperson Lisa Finney. The company said it restored some systems that afternoon, but the company shut down “most of its systems” once again after it was hit with an additional cyberattack later that evening, according to a letter sent to customers.
“Out of continued caution and to protect our customers, we are once again proactively shutting down most of our systems,” the letter reads. “We are currently assessing the overall impact and consulting with external 3rd party experts.”
The company did not have an estimated time frame for when systems would be back up and running. Dealerships continued to report issues with CDK systems on Friday.
Finney did not respond to questions on how many dealerships were impacted, but CDK’s website says the company works with more than 15,000 retail locations across North America.
What does CDK Global do?
One of the leading providers of cloud-based software to dealerships in the country, CDK’s software helps dealerships manage vehicle acquisitions, sales, financing, insuring, repairs and maintenance. The company’s website says it offers a “three-tiered cybersecurity strategy to prevent, protect and respond to cyberattacks.”
How are dealers being impacted?
Dealerships have had to resort to manual, handwritten forms to continue operations.
Craig Schreiber, one of the owners of the Northtown Automotive Companies, said the company has contingency plans in place that have allowed its dealerships near Buffalo, New York, to continue servicing and selling vehicles.
“We are able to go ‘old school’ as a result of our prior preparation, including the use of handwritten, manual forms in all of our departments,” Schreiber said in an emailed statement. “Inevitably the disruption will result in a backlog of input once the automation comes back online, but for the time being, our operations go on.”
Eric Watson, vice president of sales operations for Kia America, sent a letter to retail partners Thursday acknowledging that the shutdown is disrupting the business of “many Kia Dealers” who use CDK’s platform. Watson advised dealers to use manual tools while waiting for CDK’s systems to come back online.
Why are car dealerships targeted by cyberattacks?
The incident follows a cyberattack against Findlay Automotive Group last week. The automotive group – which operates in five states – said the attack restricted its ability to conduct sales and service, according to reporting from the Las Vegas Review-Journal.
A 2023 report from CDK notes that cybercriminals are a growing threat to target car dealerships, with 17% of 175 surveyed dealers experiencing a cyberattack or incident within the past year, up from 15% the year prior. Of those dealers, 46% said the cyberattack had a negative financial or operational impact.
Dealerships have been an attractive target because of the vast amounts of sensitive customer data they hold. From credit applications to customer financial information, dealerships hold a “treasure of information” to hackers, according to a 2023 article from insurance company Zurich North America.
“In addition, dealership systems are often interconnected to external interfaces and portals, such as external service providers,” the report reads. And many dealerships “lack basic cyber security protections.”
