NEW YORK (AP) — North American auto dealers are still grappling with major disruptions that began last week with cyberattacks on a company whose software is widely used in the auto retail sector.
CDK Global, a company that provides software to thousands of auto dealers in the United States and Canada, was hit by successive cyberattacks on Wednesday. This led to a power outage that continued to impact operations.
For potential car buyers, this means delays at dealerships or handwritten vehicle orders. There’s no immediate end in sight, but CDK says it expects the restoration to take “several days” to complete.
Group 1 Automotive Inc., a $4 billion auto retailer, said Monday that it is using “alternative processes” to sell cars to its customers. Lithia Motors and AutoNation, two other dealer chains, also revealed they have implemented workarounds to keep their operations running.
Here is what you need to know.
What is CDK Global?
CDK Global is a major player in the automobile sales industry. The company, based outside Chicago in Hoffman Estates, Illinois, provides software technology to dealers that helps with day-to-day operations — such as facilitating vehicle sales, financing, insurance and repairs.
CDK serves more than 15,000 retail locations across North America, according to the company.
What happened last week?
CDK faced successive cyberattacks on Wednesday. The company shut down all of its systems after the first attack out of an abundance of caution, according to spokesperson Lisa Feeney, and then shut down most systems again after the second attack.
“We have begun the recovery process,” Feeney said in an update over the weekend, noting that the company had begun an investigation into the “cyber incident” with outside experts and notified law enforcement.
“Based on the information we have at this time, we expect the process to take several days to complete, and in the meantime we continue to actively engage with our customers and provide them with alternative ways of doing business,” she added.
In messages to its customers, the company also warned of “bad actors” posing as CDK members or affiliates to try to gain access to the system by contacting customers. She urged them to be wary of any phishing attempt.
The incident has all the hallmarks of a ransomware attack, where targets are asked to pay a ransom to access encrypted files. But CDK declined to comment directly, and would neither confirm nor deny whether it had received a ransom demand.
“When you see an attack like this, it almost always ends up being a ransomware attack,” said Cliff Steinhauer, director of information security and engagement at the National Cybersecurity Alliance. “We see this over and over again unfortunately, (especially in) the last couple of years. No industry, organization or software company is immune.
Are affected dealers still selling cars?
Several major auto companies — including Stellantis, Ford and BMW — confirmed to The Associated Press last week that the CDK outage affected some of their dealerships, but sales operations are continuing.
In light of the ongoing situation, a Stellantis spokesperson said Friday that many agents have turned to manual processes for customer service. This involves typing commands manually.
A Ford spokesman added that the outage may cause “some delay and inconvenience to some dealers and some customers.” However, many Ford and Lincoln customers still obtain sales and service support through alternative methods used at dealerships.
“The guys who have been around longer — guys who maybe have a little salt in their hair like me — we remember how to do it in front of computers,” said John Crane of Hawk Auto Group, a Westmont, Illinois, company. Agency operator that uses CDK. “It’s just a few extra steps and a little time.”
Although the affected Hawk Auto dealers are still able to serve customers by going “back to basics,” Crane added that management workers are still “pulling our hair out.” He points out that there are now stacks of paper waiting to be processed – rather than applications automatically scrolled through a computer overnight.
Group 1 Automotive Inc. said: On Monday, the incident said the incident disrupted its applications and business operations at its US operations that rely on CDK agent systems. The company said it had taken measures to protect its systems and isolate them from the CDK platform.
In regulatory filings, Lithia Motors and AutoNation revealed that last week’s accident at CDK also disrupted their operations.
Lithia said it activated cyber incident response procedures, which included “cutting business service communications between the company’s systems and CDK.” AutoNation said it has also taken steps to protect its systems and data, adding that all of its sites remain open “despite reduced productivity,” with many being served manually or through alternative processes.
How can I protect myself?
With many details of cyberattacks still unclear, customer privacy is also a top priority – especially with not much known about what information may have been compromised this week.
If you’ve purchased a car from a dealership that uses CDK software, cybersecurity experts say it’s important to assume that your data may have been compromised. This could include “very sensitive information,” such as Social Security number, employment history, income and current or previous addresses, Steinhauer noted.
Those affected should monitor their credit – or even… Freeze their credit As an extra layer of defense – and consider signing up for identity theft insurance. You’ll also need to be wary of any phishing attempts. It’s best to make sure you have reliable contact information for a company by visiting their official website, for example, as scammers sometimes try to take advantage of news about data breaches to gain your trust through similar emails or phone calls.
These are some best practices to keep in mind whether you’re a victim of a CDK data breach or not, Steinhauer said. “Unfortunately, in this day and age, our data is a valuable target — and you need to make sure you take the necessary steps to protect it,” he said.
___
Associated Press writer Mike Houser in Detroit contributed to this report.
“Infuriatingly humble alcohol fanatic. Unapologetic beer practitioner. Analyst.”