Skip to main content
Future of Travel

Thousands of US auto dealers affected by ‘cyber incident’

“This shutdown highlights the importance of due diligence and reliance on a third party to deliver key business-critical functions,” a cybersecurity expert told Tech Brew.
article cover

Hispanolistic/Getty Images

less than 3 min read

Keep up with the innovative tech transforming business

Tech Brew keeps business leaders up-to-date on the latest innovations, automation advances, policy shifts, and more, so they can make informed decisions about tech.

Thousands of US car dealers were grappling with disruptions to key services after a pair of cyber attacks hit a major software provider this week.

The incident affecting CDK Global caused widespread disruptions at car dealerships across the country, Bloomberg reported.

CDK spokesperson Lisa Finney told Tech Brew on Wednesday that the company was “actively investigating a cyber incident” and that “we have shut down most of our systems.” Its dealer management system and digital retailing solutions were restored later in the day, but then on Thursday, the software provider experienced “an additional cyber incident and proactively shut down most of our systems.”

“In partnership with third-party experts, we are assessing the impact and providing regular updates to our customers,” Finney said. “We remain vigilant in our efforts to reinstate our services and get our dealers back to business as usual as quickly as possible.”

CDK had no new information to share Friday morning.

Bloomberg reported that the company’s software is what “many car dealerships rely on to conduct almost all of their normal business.” Some dealerships reportedly had to halt all operations as a result of the outage, while others were using paper record-keeping for basic services.

Chris Clark, automotive systems architect at Synopsys Software Integrity Group, told us the incident was an example of “technology being exposed to a complex and challenging world that brings many risks and rewards.”

“This event is significant,” he said in a statement provided by Claire Cronin of Method Communications, “because it is one of the first to truly shut down a segment of a market that impacts the industry and consumers.”

“This shutdown highlights the importance of due diligence and reliance on a third party to deliver key business-critical functions,” he added. “Companies should look at this event and question how the SaaS providers they work with are able to address these kinds of service interruptions. For events that cannot be addressed, companies should also look at insurance options that address service outages and revenue loss due to cyber-related incidents.”

The consumers whose sales and services were affected likely won’t remember the incident for long, Clark said, “but in the near term, interruptions at this scale will impact consumer trust and the bottom line.”

Keep up with the innovative tech transforming business

Tech Brew keeps business leaders up-to-date on the latest innovations, automation advances, policy shifts, and more, so they can make informed decisions about tech.