CDK’s System Restoration to Take Several Days; Hacking Group Demanding Millions in Ransom

Hackers
Pexels/Photo by Anete Lusina

Reuters reported on Sunday that CDK Global's efforts to restore auto dealers' systems nationwide are now underway following the cyberattack with a ransom demand.

While CDK is actively investigating the shutdown following two cyber incidents that caused its systems to come to a halt, the company has not disclosed the identity of those responsible for the incidents. According to previous reports by Bloomberg, CDK was negotiating with a hacker group based in Eastern Europe, demanding tens of millions of dollars in ransom to resolve the outage.

The software provider to car dealerships in North America is reportedly considering paying the ransom demanded by the hacker group, but discussions could still change, according to a Bloomberg report citing a source familiar with the situation.

CDK's Effort to Restore Dealer Management System (DMS)

The retail software provider expects it will take several days for its software to resume full functionality following a system outage that has affected nearly 15,000 car dealerships across North America since Wednesday. The company, whose software dealerships rely on for scheduling and record management, has started the process of restoring its systems. A spokesperson for CDK informed CNN on Saturday that they are actively communicating with customers and offering alternative methods for conducting business.

CDK's dealer management system (DMS) acts as a centralized hub where businesses monitor their operations. Its retail tools empower dealerships to conduct transactions seamlessly, whether online or within physical showrooms.

Dealerships depend on the DMS for essential functions such as sales, service, parts, and vehicle stocking. Hence, operating without the DMS system is "Just mass chaos at this point," Diana Lee, chief executive officer of Constellation, a marketing agency collaborating with auto dealerships across the U.S., described the situation on Bloomberg Television.

While CDK spokesperson Lisa Finney did not disclose the number of dealerships affected when questioned, the company's website indicates over 15,000 retail locations throughout North America.

System Shutdown Across Dealership Operations

The cyber outage at CDK has disrupted software management tools and severely impacted operations at car dealerships across the U.S. Despite taking the precaution of shutting down most of its systems on Wednesday, another cyberattack was detected again, prompting the subsequent closure of the system despite being restored later that afternoon, as communicated in a letter sent to customers. As a continued precautionary measure to safeguard customers, CDK once again proactively shuts down most of its systems as the company currently evaluates the overall impact of the situation and seeks advice from external third-party experts, the letter reads.

CDK did not initially provide an estimated timeframe for when its systems would be fully operational again. Dealerships continued to experience issues with CDK systems throughout Friday and Saturday, and on Sunday, CDK indicated in an email statement to Reuters that it anticipated the restoration process would span several days.

Real Time Analytics