A massive cyberattack caused chaos for US car dealerships, and it’s still affecting both dealers and customers.
According to BleepingComputer, a notorious extortion organization called the BlackSuit ransomware gang carried out a cyberattack on CDK Global on June 19. BlackSuit has conducted a number of high-profile attacks in the past several years, mostly against health care companies. As of July 3, CDK says that “substantially all” dealers are back online, but the impacts are ongoing.
Also: The best VPN services of 2024: Expert tested and reviewed
CDK Global’s software is the lifeblood of the car dealership industry. Dealerships use it for tracking what’s on their lots, running credit checks, generating loan rates, completing sales contracts, processing payroll, and more. At least 15,000 dealerships, or more than half of all auto dealerships in the US, use CDK.
This attack forced dealerships to, at best, handle these tasks by hand and, at worst, not handle them at all. June isn’t just a busy month for car sales; the Juneteeth holiday, the day of the attack, is a particularly busy day because many people are off work. The impact was immediate, and an analyst told CNN that losses could be between $4 billion and $16 billion.
How dealership customers are impacted
For dealership customers, this attack and subsequent disruption of business means several things.
1. If you’re planning to buy a car, expect it to take longer.
The attack affected nearly every part of the process, but in-house financing was one of the most delayed. Even though service has been restored, there’s now likely a tremendous backlog of finance applications to sort out. If you have financing from an outside bank, or you’re paying cash, you won’t see as much of an issue.
2. If you buy a car, be ready to visit your local DMV.
CDK software enables dealers to automatically register vehicles with the local government so they can file the appropriate paperwork and ready a license plate. With that software out of the picture, dealers, or even the customer, needed to make a trip to wait in even-longer-than-usual DMV lines. Dealers should be able to file this paperwork with CDK now, but don’t be surprised if they have more to get through. It may be faster to just do this yourself.
3. Expect delays if you need service.
Dealerships use CDK software to schedule service appointments, keep track of parts inventory, and see service history. Service departments functioned without the software, but everything was written down on paper. Now that CDK software is back online, dealers will need to enter all of that paperwork. Multiply all the appointments, all the weeks, and all the dealerships affected, and it could be a pretty messy situation for service departments.
Also: Businesses’ cloud security fails are ‘concerning’ – as AI threats accelerate
We don’t know how much Blacksuit asked for, but reports are that CDK paid their ransom. CDK has not confirmed or denied this claim.
Blacksuit has made more than $275 million in ransom demands since September 2022, per BleepingComputer.