Today, CDK Global, a major software provider for auto dealerships across the U.S., announced they suffered a significant cyberattack, forcing the company to temporarily shut down most of its systems. This breach has effectively halted sales operations at approximately 15,000 car dealerships, including those under major brands like General Motors, Group 1 Automotive, and Holman. CDK Global’s dealer management system (DMS), which is critical for managing dealership operations, was among the affected systems.

A spokesperson for CDK stated, “We are actively investigating a cyber incident. Out of an abundance of caution and concern for our customers, we have shut down most of our systems and are working diligently to get everything up and running as quickly as possible.” The hack began on Tuesday evening, causing widespread disruption. CDK announced that some systems were back online by Wednesday afternoon, but extensive tests and restoration efforts are still underway.

The impact of this cyberattack on CDK Global highlights the growing vulnerability of critical systems to cyber threats. Employees at affected dealerships resorted to using manual methods, such as spreadsheets and sticky notes, to continue operations. This incident underscores the need for robust cybersecurity measures to protect against such breaches.

Celebrate Trump's Historic 2024 Victory with the Exclusive Trump 47th President Collection!

This recent attack on CDK Global comes on the heels of another significant cyber incident involving Findlay Automotive Group. Just a few weeks ago, Findlay, which operates dealerships in Nevada, Utah, Arizona, Washington, and Idaho, reported a cybersecurity issue that affected its IT systems. The disruption limited the company’s ability to conduct sales and service, although all locations remained open. Findlay immediately investigated with cybersecurity experts and law enforcement to address the breach.

However, the situation escalated when customers Karen Smith and Pholisith Bouphapraseuth filed a class action lawsuit against Findlay in Clark County District Court. They alleged that the company failed to safeguard sensitive customer information, including names, addresses, driver’s licenses, social security numbers, and financial data. The lawsuit claimed Findlay employees received ransom notes from the ransomware group “Scattered Spider,” known for targeting large corporations. The plaintiffs seek damages, restitution, and injunctive relief, citing ongoing losses due to the breach.

These incidents illustrate a disturbing trend of increasing cyberattacks targeting the automotive sector. With hackers becoming more sophisticated, businesses must enhance their cybersecurity measures to protect sensitive data and maintain operational integrity. The frequency and severity of these attacks will likely rise, demanding vigilant and proactive strategies from companies and cybersecurity experts as the U.S. navigates these tumultuous times.