As if there wasn’t enough stress surrounding the dealership experience in America already, it now appears that a large provider of cloud-based data storage and software for the car dealership industry has been hacked. CDK Global informed its customers and the media that a cyberattack has affected its services that potentially could leave you waiting longer for your vehicle to be serviced. That might not be the limit of the total impact, though. On June 24, Bloomberg revealed that CDK Global is potentially paying a ransom to a hacker group identified by Bleeping Computer. Penske Auto Group reveals its Premier Truck Group is affected. More information follows the original text of this story.
According to a report from USA Today, CDK Global experienced a cyberattack on Wednesday June 19, and, at the time of publication, was still affecting its software and data services the following day, June 20. This attack comes just after a large auto retailer in the southwest, Findlay Auto Group, also faced a cybersecurity attack on its data services, according to a report from the Las Vegas Review-Journal.
How Does a Hack On One Group Affect So Many
CDK Global provides software and cloud-based data storage for automotive dealerships and OEMs, according to its website. According to its website, CDK Global provides these services to “nearly 15,000 dealer locations” and include things like digital retail experience, financial software, marketing, and other customer data. It also provides (ironically, in this case) IT and other cybersecurity solutions for dealers, as bad actors are looking at the automotive sector as an easy way to steal customer financial and identity data from dealerships, which traditionally are not particularly data-hardened despite trading in myriad customer data. So far, there is no clear estimate for how many dealerships were impacted, but it’s easy to infer this is widespread given CDK’s client footprint.
What Did These Hackers Do, Or Steal?
When asked for comment, Lisa Finney, CDK Global’s senior manager of external communications, stated, “Late in the evening of June 19, we experienced an additional cyber incident and proactively shut down most of our systems. In partnership with third party experts, we are assessing the impact and providing regular updates to our customers. We remain vigilant in our efforts to reinstate our services and get our dealers back to business as usual as quickly as possible.”
When pressed for further comment, Finney told MotorTrend that CDK Global is “not addressing specific questions at this time.” Finney did state that its core Dealer Management System (DMS) and Digital Retailing solutions have been restored and that CDK’s priority is the security of its customers, “and our actions reflect our obligation to them as a trusted partner.” We also reached out to large dealer networks such as AutoNation, Penske Auto Group, and Findlay Auto Group to see if this attack affected their dealerships in any way, but none had responded in time for publication.
Ransom and Hacker Group Revealed
According to Bloomberg, the cybersecurity attack is part of a ransomware attack on CDK Global. White it did not list the exact amount that CDK says it will pay, Bloomberg says it’s in the “tens of millions of dollars.” CDK has also told Bloomberg that bad actors are “contacting our customers, posing as members or affiliates of CDK, trying to obtain system access.” Bloomberg also reported that Sonic Autmotive Inc., a nationwide dealer group based in Charlotte, has had its operations disrupted. Sonic’s dealerships have reopened with a workaround.
In an SEC filing, Penske Auto Group confirmed that its automotive side wasn’t impacted by the issues with CDK, but its Premier Truck Group—Penske’s medium and heavy duty truck group—has been affected. Much like Sonic Automotive Inc., Penske Premier Truck Group are operating with a workaround and “immediately took precautionary containment steps” to protect itself and its customers when it learned what the issues were with CDK Global.
In a separate story, Bleeping Computer states that the hacker group called “BlackSuit” is behind the CDK ransomware attack. The story also details that CDK is negotiating with the group to receive a decryptor and “not leak stolen data.” BlackSuit isn’t new to this type of attack, as according to the Cybersecurity and Infrastructure Security Agency (CISA), it was originally known as “Royal Ransomware” and behind the City of Dallas cyberattack last year. Since September 2022, the Russian and Eastern European group is linked to $275 million in ransom demands.
What Can You Do As An Individual Customer?
Unfortunately, we just don’t know what exact data was compromised by this attack, as CDK pushed its equivalent to a “Stop” button and shut down “most” of its systems. For now, if you’ve been a recent customer of a dealership, whether for service or purchasing or test driving a vehicle, it’s probably wise to keep an eye on your digital financial records (check out some credit monitoring providers and, if you’re really concerned, put a freeze on your credit, which won’t allow new accounts to be opened using your information) out of abundance of caution until CDK says exactly what systems were attacked and what—if any—data was stolen (which could even include personal details, payment info, or even credit reports) during this event. We will update this story when any of the groups we contacted reach back out to us with any more information. In the meantime, several dealerships have reportedly halted operations while the problems are sorted out, so if you were planning on buying or servicing a car anytime soon, maybe call your local dealer before heading out to see if it’s operational.
Car Dealerships Nationwide Hit by Massive Cyberattack—What It Means for You #Car #Dealerships #Nationwide #Hit #Massive #CyberattackWhat #Means
Source Link: https://www.motortrend.com/news/car-dealership-cyberattack-2024-cdk-hack/
Car Dealerships Nationwide Hit by Massive Cyberattack—What It Means for You:
As if there wasn’t enough stress surrounding the dealership experience in America already, it now ap…
