🚗 CDK Chaos Continues

Car dealerships still reeling from ransomware attack, facing ongoing disruptions and data breach fears. 💸


 

🕵️ Investigation & Lawsuits

CDK remains tight-lipped about the extent of the breach, as class-action lawsuits pile up. ⚖️


 

📉 Sales Slump

Industry experts predict a significant drop in new-vehicle sales due to the cyberattack’s impact. 📉


News > Cyber-Attacks > Ransomware by Kevin Wood

CDK Global Ransomware Fallout: Slow Recovery, Mounting Lawsuits, and Lingering Questions About Data Security

 

 

Long road to recovery ahead

Two weeks after a crippling ransomware attack, CDK Global, a cornerstone of the automotive retail industry, is still struggling to fully restore its services. While the company claims progress, thousands of car dealerships across North America continue to face disruptions, and questions about the extent of the data breach and potential ransom payments remain unanswered.

The Attack’s Lingering Impact

The attack, initially detected on June 19th, targeted CDK’s Drive DMS (Dealer Management System), a software suite crucial for managing inventory, sales, financing, and customer relations for dealerships. This disruption forced dealerships to revert to manual processes, causing delays in transactions, lost sales, and frustrated customers.

“It’s been a nightmare,” said one dealership manager who wished to remain anonymous. “We’re back to pen and paper, which is slowing everything down. We’ve lost sales, and customers are getting impatient.”

 

CDK’s Recovery Efforts

CDK claims it has made significant progress in restoring services, with “substantially all” dealerships back online as of July 2nd. However, some dealers report ongoing issues with certain functionalities, and the company acknowledges that not all services have been fully restored.

In a recorded message to customers on July 2nd, CDK stated, “We are happy to report that we are ahead of the anticipated schedule, and as of now substantially all dealer connections are live on the core DMS.” However, the message also warned that some third-party integrations may still be experiencing issues.

The Data Breach Mystery

One of the most pressing concerns surrounding the attack is the potential exposure of sensitive customer data. The BlackSuit ransomware gang, believed to be responsible for the attack, initially claimed to have stolen terabytes of data, including customer information, financial records, and dealership inventory data.

CDK has not publicly confirmed the extent of the data breach, nor has it clarified whether it paid a ransom to the attackers. Media reports, citing anonymous sources, suggest that a ransom payment in the tens of millions of dollars was under consideration. However, CDK has declined to comment on these reports.

Mounting Legal Challenges

The attack has also sparked a wave of lawsuits against CDK Global. At least six car dealership companies have filed complaints with the U.S. Securities and Exchange Commission (SEC), citing disruptions to their operations and the potential financial impact of the attack.

Several class-action lawsuits have also been filed on behalf of affected customers, alleging that CDK failed to adequately protect their data and did not promptly notify them of the breach. These lawsuits seek damages for the inconvenience, emotional distress, and potential financial harm caused by the attack.

Industry Impact and Lessons Learned

The CDK Global cyberattack has sent shockwaves throughout the automotive retail industry. J.D. Power and GlobalData predict that the attack could lead to a 7.2% drop in new-vehicle sales in July 2024, as dealerships struggle to process transactions and manage inventory.

The incident serves as a stark reminder of the vulnerabilities of critical infrastructure and the interconnectedness of the digital ecosystem. It highlights the need for companies to prioritize cybersecurity, invest in robust security measures, and develop comprehensive incident response plans.

The Uncertain Road to Recovery: CDK Faces Lawsuits and Lingering Questions

While CDK has made progress in restoring core services, the company now faces a growing wave of lawsuits and continued uncertainty about the extent of the data breach. This has left dealerships grappling with operational challenges and customers concerned about the security of their personal information.

Dealership Frustrations Mount

Many dealerships are still reporting ongoing issues with specific functionalities within the Drive DMS software. While core features like sales and inventory management may be functional, integrations with third-party applications, such as credit reporting agencies and vehicle registration systems, continue to experience disruptions.

This has led to frustration and uncertainty among dealership staff, who are forced to rely on manual workarounds and alternative solutions to keep their businesses running. The lack of clear communication from CDK about the full extent of the damage and a timeline for complete recovery has only added to the anxiety.

Data Breach Lawsuits Pile Up

Several car dealership companies have filed lawsuits against CDK Global, alleging negligence in protecting their data and failing to promptly notify them of the breach. Some of these lawsuits seek class-action status, potentially representing thousands of affected dealerships.

In addition, individual customers whose personal information was potentially compromised have also filed class-action lawsuits. They claim that CDK did not take adequate security measures to protect their data and failed to inform them about the breach in a timely manner.

The Data Breach: Unanswered Questions

Despite the mounting lawsuits and public pressure, CDK has remained tight-lipped about the details of the data breach. The company has not confirmed the types of data stolen, the number of affected individuals, or whether any data has been leaked online.

This lack of transparency has fueled speculation and concern among customers. The ShinyHunters’ claims of having stolen terabytes of data, coupled with the ongoing delay in providing clear information, has left many customers wondering whether their personal and financial information is safe.

Looking at the challenges ahead

CDK Global faces a challenging road ahead. In addition to fully restoring its services and addressing the concerns of affected dealerships and customers, the company will need to navigate the legal challenges posed by the lawsuits.

The investigation into the attack is ongoing, and the full extent of the damage may not be known for some time. However, the incident has already had a significant impact on the automotive retail industry, and it serves as a stark reminder of the importance of proactive cybersecurity measures for all businesses.

As the situation continues to unfold, one thing is clear: the CDK Global ransomware attack is a watershed moment for the automotive industry, forcing a reckoning with the growing threat of cyberattacks and the need for heightened vigilance in protecting sensitive data.

 

When Disaster Strikes: BBG’s Rapid Response to Ransomware Attacks 🚨

The CDK Global attack highlights the critical need for swift and decisive action in the face of a ransomware crisis. Every minute of downtime can cost your business dearly, both financially and reputationally.

BBG’s Rapid Response Team: Your Lifeline in a Crisis

  • 🚨 24/7 Availability: We’re here when you need us most, ready to respond to ransomware attacks at any time.
  • 🕵️ Expert Forensic Analysis: Our team will quickly assess the situation, identify the ransomware strain, and determine the extent of the damage.
  • 🔄 Data Recovery and Restoration: We’ll work tirelessly to restore your systems and data from backups, minimizing downtime and ensuring business continuity.
  • 🛡️ Negotiation and Containment: If necessary, we can assist with negotiating with attackers and implementing measures to contain the spread of the ransomware.
  • 🏢 Post-Incident Support: We’ll help you strengthen your defenses and prevent future attacks through comprehensive security assessments and employee training.

Don’t let ransomware hold your business hostage. Contact BBG’s Rapid Response Team at security@bbg-mn.com to prepare for and mitigate the impact of cyberattacks.