Car dealerships face disruptions from multi-day outage after cyberattacks on software supplier.


Car dealerships across North America have been thrown into disarray this week following cyberattacks targeting CDK Global, a pivotal software provider for the auto sales industry in the U.S. and Canada. The disruptions, initiated by back-to-back cyber incidents on Wednesday, have persisted through the week, affecting thousands of dealerships and prompting significant operational challenges.

Understanding CDK Global and its Role

CDK Global, headquartered near Chicago in Hoffman Estates, Illinois, is renowned for its software solutions tailored to support automotive dealerships. These tools facilitate essential operations such as vehicle sales, financing, insurance, and maintenance. Serving over 15,000 retail locations across North America, CDK plays a critical role in streamlining dealership processes and enhancing customer service experiences.

Sequence of Events and Impact

The turmoil began when CDK Global detected a cyber incident necessitating a precautionary shutdown of all systems. Lisa Finney, a spokesperson for CDK, confirmed the company’s proactive measures in response to the initial attack. Despite executing comprehensive testing and consulting with cybersecurity experts to restore core systems swiftly, CDK encountered another cyber incident later the same day. This setback prolonged the outage, disrupting dealership operations including digital retailing solutions and dealership management systems (DMS).

As of Friday morning, CDK Global has been unable to specify a timeframe for resolving the issues, leaving dealerships grappling with uncertainty. A recorded message from CDK advised dealerships that the disruption may persist for several days, highlighting the severity and complexity of the ongoing situation.

Challenges Faced by Dealerships

The repercussions have been felt across the automotive industry, impacting major automakers like Stellantis, Ford, and BMW. Despite the disruptions, these companies confirmed that sales operations have continued albeit with adjustments. Many dealerships resorted to manual processes such as handwritten orders to mitigate the operational standstill caused by the CDK outage.

For instance, Stellantis reported that dealerships implemented manual processes to serve customers amidst the digital blackout. Similarly, Ford acknowledged potential delays and inconveniences but assured customers of alternative routes for sales and service support. These adaptive measures underscore the resilience of dealerships in navigating unforeseen challenges in the absence of critical digital infrastructure.

Concerns over Cybersecurity and Customer Privacy

Amidst the turmoil, concerns over cybersecurity and customer data privacy have been paramount. The nature and scope of the cyber incidents remain unclear, prompting heightened vigilance among dealerships. Reports indicated that bad actors attempted to exploit the situation by posing as CDK affiliates to gain unauthorized access to dealership systems. This has prompted CDK to issue warnings about phishing attempts and advise caution among its clientele.

Mike Stanton, President and CEO of the National Automobile Dealers Association, emphasized the industry’s commitment to safeguarding customer information. Dealerships are actively seeking clarity from CDK regarding the potential compromise of sensitive data, aiming to respond appropriately to protect customer privacy.

Industry Response and Future Outlook

The automotive industry’s response to the CDK cyberattacks has underscored the need for robust cybersecurity measures and contingency plans. Dealerships have demonstrated resilience and adaptability in maintaining essential services despite the technological setbacks. Moving forward, stakeholders are advocating for enhanced cybersecurity protocols and collaboration to fortify defenses against future cyber threats.

Moreover, the incidents have prompted broader discussions about the reliance on digital infrastructure in automotive retail and the vulnerabilities exposed by cyber disruptions. Stakeholders, including automakers, dealerships, and technology providers, are expected to reassess cybersecurity strategies and invest in resilient technologies to mitigate risks and ensure business continuity.

The cyberattacks targeting CDK Global have disrupted the automotive industry, posing significant operational challenges for dealerships across North America. As stakeholders navigate the aftermath, the focus remains on restoring normalcy, safeguarding customer data, and fortifying defenses against evolving cyber threats in the digital age.


Please enter your comment!
Please enter your name here

Enable Google Transliteration.(To type in English, press Ctrl+g)