Bloomberg News
CDK: ‘Substantially All’ Car Dealerships Restored After Hack
[Stay on top of transportation news: Get TTNews in your inbox.]
CDK Global, the software provider to roughly 15,000 car dealerships across North America that was crippled by a hack nearly two weeks ago, said “substantially all” the dealers it serves have seen their management systems come back online.
“We are ahead of the anticipated schedule,” Tony Macrito, senior communications director at CDK, said by email. The company had said July 1 that it expected all dealers to be live by late July 3 or early July 4.
CDK suffered two cyberattacks that forced its systems offline for days, slowing down everything from scheduling and service repairs to parts deliveries and car purchases at auto dealerships in both the U.S. and Canada. CDK’s core product — a suite of software tools referred to as a dealership management system — underpins virtually every element of auto retailers’ day-to-day business.
As a result, the outage hampered sales and interrupted repairs across an industry that topped $1.2 trillion in U.S. sales last year. The disruptions hit amid an end-of-quarter sales push. Vehicle sales were forecast to slow to an annualized rate of around 15.8 million vehicles in June, down from 16.1 million a year ago, due in part to the attack.
JUST IN: Dealership outages are coming to an end!
CDK Global anticipates that all dealers will be live by July 4th 🇺🇸
For those living under a rock...
CDK Global, an Automotive software company, was severely hacked nearly 2 weeks ago. The hack handicapped over 50% of U.S. car… pic.twitter.com/4zVsqhAeht — Car Dealership Guy (@GuyDealership) July 1, 2024
A hacking group called BlackSuit was behind the cyberattack on CDK Global that paralyzed car sales across the U.S., according to Allan Liska, a threat analyst at the security firm Recorded Future. The gang demanded tens of millions of dollars in ransom to end the disruptions, and CDK had planned to make the payment, Bloomberg News previously reported. It’s unclear if CDK paid the ransom.
Some of the largest auto dealers in North America warned of a potential “material” impact to their finances from the attack, which they said would hinge largely upon the duration of the outages. Sonic Automotive, Penske Automotive Group, Group 1 Automotive, AutoNation Inc., Lithia Motors and Asbury Automotive Group. have all filed disclosures with the U.S. Securities and Exchange Commission.
The incident is part of a growing phenomenon in which financially motivated cybercriminals have attacked critical links in the global IT supply chain, bringing down entire industries along with them.
Want more news? Listen to today's daily briefing below or go here for more info: