CDK SAYS ‘SUBSTANTIALLY ALL’ CAR DEALERSHIPS RESTORED AFTER HACK

(Bloomberg) -- CDK Global Inc., the software provider to roughly 15,000 car dealerships across North America that was crippled by a hack nearly two weeks ago, said “substantially all” of the dealers it serves have seen their management systems come back online.

“We are ahead of the anticipated schedule,” Tony Macrito, senior communications director at CDK, said by email. The company had said Monday that it expected all dealers to be live by late July 3 or early July 4.

CDK suffered two cyberattacks that forced its systems offline for days, slowing down everything from scheduling and service repairs to parts deliveries and car purchases at auto dealerships in both the US and Canada. CDK’s core product — a suite of software tools referred to as a dealership management system — underpins virtually every element of auto retailers’ day-to-day business. 

As a result, the outage hampered sales and interrupted repairs across an industry that topped $1.2 trillion in US sales last year. The disruptions hit amid an end-of-quarter sales push. Vehicle sales were forecast to slow to an annualized rate of around 15.8 million vehicles in June, down from 16.1 million a year ago, due in part to the attack. 

A hacking group called BlackSuit was behind the cyberattack on CDK Global that’s paralyzed car sales across the US, according to Allan Liska, a threat analyst at the security firm Recorded Future Inc. The gang demanded tens of millions of dollars in ransom to end the disruptions, and CDK had planned to make the payment, Bloomberg News previously reported. It’s not clear if CDK paid the ransom.

Some of the largest auto dealers in North America warned of a potential “material” impact to their finances from the attack, which they said would hinge largely upon the duration of the outages. Sonic Automotive Inc., Penske Automotive Group Inc., Group 1 Automotive Inc., AutoNation Inc., Lithia Motors Inc. and Asbury Automotive Group Inc. have all filed disclosures with the US Securities and Exchange Commission. 

The incident is part of a growing phenomenon in which financially motivated cybercriminals have attacked critical links in the global IT supply chain, bringing down entire industries along with them.

Most Read from Bloomberg

• Democrats Weigh Mid-July Vote to Formally Tap Biden as Nominee
• US Allies Allege China Is Developing Attack Drones for Russia
• S&P 500 Closes Above 5,500 in Record-Breaking Run: Markets Wrap
• Powerful Storm Beryl Aims at Jamaica After Grenada Strike
• Biden Plummets in Leaked Democratic Polling Memo, Puck Says

©2024 Bloomberg L.P.

2024-07-02T18:20:49Z dg43tfdfdgfd