Auto dealerships in North America are still coping with significant disruptions, which began last week with cyberattacks on an organization whose software is widely utilized in the auto retail industry.
CDK Global, an organization that gives software to 1000’s of auto dealers within the U.S. and Canada, was hit by several back-to-back cyberattacks on Wednesday, leading to an outage that continues to affect operations.
For potential automotive buyers, this has meant delays at dealerships or hand-written vehicle orders. There is not any immediate end in sight, but CDK expects the recovery process to take “several days.”
On Monday, Group 1 Automotive Inc., a $4 billion auto dealer, said it was using “alternative processes” to sell cars to its customers. Lithia Motors and AutoNation, two other auto dealership chains, also said that they had implemented workarounds to take care of operations.
Here’s what you’ll want to know.
What is CDK Global?
CDK Global is a serious player within the auto sales industry. Based in Hoffman Estates, Illinois, just outside of Chicago, the corporate provides dealers with software technology to assist them with their each day operations, akin to vehicle sales, financing, insurance and repairs.
According to the corporate, CDK serves greater than 15,000 retail locations across North America.
What happened last week?
CDK was the victim of two consecutive cyberattacks on Wednesday. The company shut down all of its systems out of an abundance of caution after the primary attack, in accordance with spokeswoman Lisa Finney, and most systems were shut down again after the second attack.
“We have begun the recovery process,” Finney said in an update over the weekend – noting that the corporate had launched an investigation into the “cyber incident” with outside experts and notified law enforcement.
“Based on the information we currently have, we expect the process to take several days. In the meantime, we continue to actively engage with our customers and offer them alternative ways to do business,” she added.
In notices to its customers, the corporate also warned of “bad actors” posing as CDK members or partners who try to gain system access by contacting customers. It warned customers to be cautious of any phishing attempts.
The incident had all of the hallmarks of a ransomware attack, where victims are asked to pay a ransom to realize access to encrypted files. However, CDK declined to comment directly – neither confirming nor denying whether it had received a ransom demand.
“When you see an attack like this, it’s almost always a ransomware attack,” said Cliff Steinhauer, director of data security and engagement on the National Cybersecurity Alliance. “Unfortunately, we see this again and again, (especially in) the last few years. No industry and no organization or software company is immune.”
Are affected dealers still selling cars?
Several major automakers – including Stellantis, Ford and BMW – confirmed to the Associated Press last week that the CDK outage had affected a few of their dealers, but that sales operations were continuing.
Given the continuing situation, a Stellantis spokesperson said on Friday that many dealers have switched to manual processes to serve customers, including writing down orders by hand.
A Ford spokesperson added that the outage “may cause delays and inconvenience at some dealerships and for some customers.” However, many Ford and Lincoln customers will proceed to receive sales and repair support through alternate routes used at dealerships.
“The people who have been around for a while — you know, people who maybe have a little salt in their hair like me — remember how it was before computers,” said John Crane of Hawk Auto Group, a Westmont, Ill.-based dealership operator that uses CDK. “It’s just a few more steps and a little more time.”
Although the affected Hawk Auto dealers can proceed to serve their customers by “going back to basics,” Crane added that administrative staff are still “pulling our hair out.” He notes that there at the moment are piles of paperwork waiting to be processed – as a substitute of orders that were processed mechanically on the pc overnight.
Group 1 Automotive Inc. said Monday that the incident disrupted business applications and processes at its U.S. operations that depend on CDK dealers’ systems. The company said it had taken steps to guard its systems and isolate them from the CDK platform.
Lithia Motors and AutoNation said in regulatory filings that the incident at CDK last week also caused operational disruptions at their plants.
Lithia said it had initiated cyber incident response measures, including “severing business service connections between the company’s systems and those of CDK.” AutoNation said it had also taken steps to guard its systems and data, adding that every one locations remained open, “albeit with reduced productivity,” as many were being served manually or through alternative processes.
HOW CAN I PROTECT MYSELF?
With many details of the cyberattacks still unclear, customer privacy can also be a priority – especially since little is understood about what information can have been compromised this week.
If you purchased a automotive from a dealer that uses CDK software, cybersecurity experts say you must assume your data can have been stolen. That could include “pretty sensitive information,” Steinhauer noted, akin to your Social Security number, employment history, income and current or previous address.
Those affected should monitor their creditworthiness – and even freeze their credit as an extra layer of defense – and consider purchasing identity theft monitor insurance. You must also be on guard against phishing attempts. It’s best to be certain that you have got reliable contact information for a corporation, akin to by visiting its official website, as scammers sometimes try to use data breach news to realize your trust through spoofed emails or phone calls.
These are some best practices to take into account whether you are a victim of the CDK data leak or not, Steinhauer said. “Unfortunately, our data is a valuable target these days — and you need to make sure you’re taking steps to protect it,” he said.
