On Wednesday, a cyberattack against software vendor CDK Global disrupted operations at car dealerships around the United States.
A representative for CDK, Lisa Finney, stated that the business “out of an abundance of caution” for its customers shut down the majority of its systems. The business had recovered its digital commerce solutions and main document management system by Wednesday afternoon.
In an email statement, Finney said, “We are continuing to conduct extensive tests on all other applications, and we will provide updates as we bring those applications back online.”
Regarding the number of dealerships affected, Finney did not reply, but according to CDK’s website, the company works with over 15,000 retail locations across North America.
What does CDK Global do?
One of the top suppliers of cloud-based software to auto dealerships in the US, CDK’s software facilitates the management of car purchases, sales, financing, insurance, maintenance, and repairs. A “three-tiered cybersecurity strategy to prevent, protect, and respond to cyberattacks” is what the organization claims to offer.
Why are car dealerships targeted by cyber attacks?
This event comes after Findlay Automotive Group was the target of a cyberattack last week. As per the Las Vegas Review-Journal, the automobile group, having operations in five states, stated that the attack hindered its capacity to carry out sales and servicing.
According to a CDK analysis from 2023, cybercriminals are becoming a bigger concern to auto dealerships. Of the 175 dealers polled, 17% reported having had a cyberattack or incident in the previous year, up from 15% the year before. Of those dealers, 46% claimed that the cyberattack had a detrimental effect on their operations or finances.
Because dealerships possess a tonne of sensitive client data, they have been a desirable target. According to a 2023 article from insurance giant Zurich North America, dealerships hold a “treasure of information” to hackers, ranging from credit applications to client financial information.
“In addition, dealership systems are often interconnected to external interfaces and portals, such as external service providers,” according to the paper. Numerous dealerships are also said to “lack basic cyber security protections.”