CDK Global continues to wrestle with cyberattack Achi-News

New York –

Auto dealers in North America continue to grapple with major disruptions that began last week with cyber attacks on a software company widely used in the auto retail sales sector.

CDK Global, a company that provides software for thousands of car dealers in the US and Canada, was hit by back-to-back cyber attacks on Wednesday. That led to an outage that has continued to affect operations.

For potential car buyers, that means delays at dealerships or handwritten vehicle orders. There is no immediate end in sight, with CDK saying it expects the restoration process to take “several days” to complete.

On Monday, Group 1 Automotive Inc., a US$4 billion automotive retailer, said it continues to use “alternative processes” to sell cars to its customers. Lithia Motors and AutoNation, two other dealership chains, also revealed that they have implemented solutions to keep their operations going.

Here’s what you need to know.

What is CDK Global?

CDK Global is a major player in the car dealership industry. The company, based just outside of Chicago in Hoffman Estates, Illinois, provides software technology to dealers that helps with day-to-day operations – such as facilitating vehicle sales, financing, insurance and repairs.

CDK serves more than 15,000 retail locations across North America, according to the company.

What happened last week?

CDK experienced back-to-back cyber attacks on Wednesday. The company shut down all its systems out of an abundance of caution, spokeswoman Lisa Finney said last week.

“We have begun the recovery process,” Finney said in an update over the weekend — noting that the company has launched an investigation into the “cyber incident” with third-party experts and notified law enforcement.

“Based on the information we currently have, we anticipate that the process will take several days to complete, and in the meantime we are continuing to actively engage with our customers and provide them with alternatives conduct business,” he added.

In messages to its customers, the company has also warned of “bad actors” pretending to be members or connected to CDK to try to gain access to the system by contacting customers. He urged them to be careful of any phishing attempt.

The incident contained all the hallmarks of a ransom attack, where targets are asked to pay a ransom to gain access to encrypted files. But CDK refused to comment directly – neither confirming nor denying whether it had received a ransom demand.

Are affected dealerships still selling cars?

Several major car companies – including Stellantis, Ford and BMW – confirmed to The Associated Press last week that the CDK outage had affected some of their dealers, but that sales operations were continuing.

In light of the ongoing situation, a spokesperson for Stellantis said on Friday that many sellers have switched to manual processes to serve customers. That includes writing orders by hand.

A Ford spokesman added that the outage could cause “some delay and inconvenience to some dealers and to some customers.” However, many Ford and Lincoln customers still receive sales and service support through alternative routes that are used at dealerships.

Group 1 Automotive Inc., which owns 202 automotive dealerships, 264 franchises, and 42 collision centers in the United States and the United Kingdom, said Monday that the incident disrupted its business applications and processes in its US operations that rely on CDK dealer systems. . The company said it has taken measures to protect and isolate its systems from the CDK platform.

All US Group 1 dealerships will continue to conduct business using alternative processes until CDK dealer systems are available, the company said Monday. Group 1 dealerships in the UK do not use CDK dealer systems and are not affected by the incident.

In regulatory filings, Lithia Motors and AutoNation disclosed that last week’s incident at CDK also disrupted their operations.

Lithia said it activated cyber incident response procedures, which included “cutting business service connections between the company’s systems and CDK’s.” AutoNation said it has also taken steps to protect its systems and data — adding that all of its locations remain open “albeit with reduced productivity,” as many are served manually or through alternative processes.

With many details of the cyber attacks still unclear, customer privacy is also top of mind – especially without much information about what information may have been compromised this week.

In a statement last week, Mike Stanton, president and CEO of the National Automobile Dealers Association, said “dealers are very committed to protecting their customer information” and are seeking updates from CDK to determine the scope of the impact “as the they can respond appropriately. “

Cybersecurity experts have emphasized that users connected to CDK (or a dealer connected to CDK) should assume that their data may have been breached. Those affected should monitor their credit – or even consider freezing their credit as an extra layer of protection – and be wary of any suspicious phishing messages.

HOW CAN I PROTECT MYSELF?

With many details of the cyber attacks still unclear, customer privacy is also top of mind – especially without much information about what information may have been compromised this week.

If you’ve bought a car from a dealer that uses CDK software, cyber security experts stress that it’s important to assume that your data may have been breached. That could potentially include “quite sensitive information,” Steinhauer noted, such as your social security number, employment history, income and current or former addresses.

Those affected should monitor their credit – or even freeze their credit as an extra layer of protection – and consider signing up for identity theft monitor insurance. You will also want to be wary of any phishing attempts. It’s best to make sure you have reliable contact information for a company by visiting their official website, for example, as scammers sometimes try to capitalize on news of a data breach to gain your trust through similar emails or phone calls.

Those are some best practices to remember whether you’ve been the victim of a CDK data breach or not, Steinhauer said. “Unfortunately, in this day and age, our data is a valuable target – and you have to make sure you take steps to protect it,” he said.