CDK Global Cyberattack Disrupts Operations at 15,000 North American Car Dealerships: Prioritizing Cybersecurity to Protect Customer Data

Long Island City, New York United States of America
Car dealerships are attractive targets due to lack of basic cybersecurity protections and interconnected systems.
CDK Global, a leading software provider for car dealerships in North America, experienced a cyberattack on June 19, 2024.
CDK Global offers a comprehensive SaaS platform handling all aspects of car dealership operations.
CDK Global uses a three-tiered cybersecurity strategy to prevent, protect and respond to cyberattacks.
Exact nature of the cyberattack is unknown, but reports suggest it may have been a ransomware attack impacting backups.
Hackers can use sensitive customer data for identity theft or sell it on the dark web. Dealerships must prioritize cybersecurity.
The incident caused disruptions to operations at over 15,000 dealerships across the US and Canada.
CDK Global Cyberattack Disrupts Operations at 15,000 North American Car Dealerships: Prioritizing Cybersecurity to Protect Customer Data

A massive cyberattack on CDK Global, a leading software provider for car dealerships in North America, caused widespread disruptions to operations at over 15,000 dealerships across the US and Canada on June 19, 2024. The incident left employees at affected dealerships with nothing to do or forced them to revert back to traditional methods such as paper and pencil.

CDK Global offers a comprehensive SaaS platform that handles all aspects of a car dealership's operation, including CRM, financing, payroll, support and service, inventory management, and back office operations. The company uses two data centers to provide its services to clients.

The exact nature of the cyberattack is currently unknown. Some reports suggest it may have been a ransomware attack that also impacted CDK's backups. Dealerships lack basic cybersecurity protections and have interconnected systems with external interfaces and portals, making them attractive targets for hackers.

The incident follows a similar cyberattack against Findlay Automotive Group last week, which restricted the automotive group's ability to conduct sales and service. A 2023 report from CDK notes that cybercriminals are a growing threat to target car dealerships, with 17% of surveyed dealers experiencing a cyber attack or incident within the past year.

CDK Global uses a three-tiered cybersecurity strategy to prevent, protect and respond to cyberattacks. However, despite these efforts, the company was unable to prevent this massive intrusion. The incident highlights the importance of implementing robust cybersecurity measures and keeping software up-to-date to protect against potential threats.

Car dealerships are a treasure trove of sensitive customer data, including credit applications and financial information. Hackers can use this data for identity theft or sell it on the dark web. Dealerships must prioritize cybersecurity to protect their customers' information and prevent potential financial losses.



Confidence

85%

Doubts
  • Exact nature of the cyberattack is unknown - it may not be a ransomware attack.
  • The impact on CDK Global's backups might not be accurate.

Sources

99%

  • Unique Points
    • CDK Global suffered a cyberattack that caused the company to shut down its systems and leave clients unable to operate their business normally.
    • , CDK Global provides services for over 15,000 car dealerships in North America and has thousands of employees.
    • The attack caused CDK to take its two data centers offline, leaving employees at dealerships with nothing to do or forced to go back to paper and pencil.
    • Some dealerships have sent employees home for the day due to the outages.
    • CDK Global uses a SaaS platform that handles all aspects of a car dealership's operation, including CRM, financing, payroll, support and service, inventory, and back office operations.
    • Car dealerships configure an always-on VPN to the SaaS provider’s data centers to access the platform.
    • It is rumored that CDK suffered a ransomware attack that also impacted its backups.
  • Accuracy
    • ]CDK Global suffered a cyberattack that caused the company to shut down its systems and leave clients unable to operate their business normally.[
    • CDK Global provides services for over 15,000 car dealerships in North America and has thousands of employees.
  • Deception (100%)
    None Found At Time Of Publication
  • Fallacies (100%)
    None Found At Time Of Publication
  • Bias (100%)
    None Found At Time Of Publication
  • Site Conflicts Of Interest (100%)
    None Found At Time Of Publication
  • Author Conflicts Of Interest (100%)
    None Found At Time Of Publication

96%

  • Unique Points
    • CDK Global, a company that provides software services for managing sales and other operations to about 15,000 auto dealerships across the US, has been hacked.
    • The identity of the hacker or hacking group is currently unknown.
  • Accuracy
    • The cyberattack began Tuesday evening and prompted CDK to temporarily shut down most of its systems.
    • Some of CDK’s systems were back up and running by Thursday afternoon after tests and consultation with third-party experts.
  • Deception (100%)
    None Found At Time Of Publication
  • Fallacies (95%)
    The article contains some instances of inflammatory rhetoric and an appeal to authority, but no formal or blatant logical fallacies were found. The author's statements about the dealerships being creative during the outage and her personal background are not relevant to the analysis.
    • ][Megan Cerullo] Megan Cerullo is a New York-based reporter for CBS MoneyWatch covering small business, workplace, health care, consumer spending and personal finance topics. She regularly appears on CBS News 24/7 to discuss her reporting.[/]
    • [Some dealerships appeared to get creative to continue doing business during the outage. Dealership employees posted about the outage on Reddit, sharing that they were relying on spreadsheets and sticky notes to sell customers small parts and make repairs, but that they weren't making any large transactions. One employee asked other dealership employees, 'How many of you are standing around because your whole shop runs on CDK?']
  • Bias (100%)
    None Found At Time Of Publication
  • Site Conflicts Of Interest (100%)
    None Found At Time Of Publication
  • Author Conflicts Of Interest (100%)
    None Found At Time Of Publication

98%

  • Unique Points
    • CDK Global was hit by a cyberattack on Wednesday.
    • CDK offers a three-tiered cybersecurity strategy to prevent, protect and respond to cyberattacks.
    • Dealerships lack basic cybersecurity protections and have interconnected systems with external interfaces and portals.
    • 17% of surveyed dealers experienced a cyber attack or incident within the past year, up from 15% the year prior.
  • Accuracy
    • The attack caused CDK to shut down most of its systems out of caution for customers.
    • CDK had restored its core document management system and digital retailing solutions by Wednesday afternoon.
    • Car dealerships are attractive targets for cybercriminals due to the vast amounts of sensitive customer data they hold.
  • Deception (100%)
    None Found At Time Of Publication
  • Fallacies (100%)
    None Found At Time Of Publication
  • Bias (100%)
    None Found At Time Of Publication
  • Site Conflicts Of Interest (100%)
    None Found At Time Of Publication
  • Author Conflicts Of Interest (0%)
    None Found At Time Of Publication

98%

  • Unique Points
    • CDK Global has restored most of the core dealership management system functionality following a cyberattack.
  • Accuracy
    • ]CDK Global has restored most of the core dealership management system functionality following a cyberattack.[
    • CDK Global provides services for over 15,000 car dealerships in North America and has thousands of employees.
  • Deception (100%)
    None Found At Time Of Publication
  • Fallacies (100%)
    None Found At Time Of Publication
  • Bias (100%)
    None Found At Time Of Publication
  • Site Conflicts Of Interest (100%)
    None Found At Time Of Publication
  • Author Conflicts Of Interest (0%)
    None Found At Time Of Publication

100%

  • Unique Points
    • A cyber incident at CDK Global, a data provider used by 15,000 auto dealers in US and Canada, caused system outage on Wednesday.
    • CDK Global’s systems have been shut down out of caution to secure customer data.
  • Accuracy
    No Contradictions at Time Of Publication
  • Deception (100%)
    None Found At Time Of Publication
  • Fallacies (100%)
    None Found At Time Of Publication
  • Bias (100%)
    None Found At Time Of Publication
  • Site Conflicts Of Interest (100%)
    None Found At Time Of Publication
  • Author Conflicts Of Interest (100%)
    None Found At Time Of Publication