By now you’ve probably heard about the ransomware attack on CDK Global, a software provider serving some 15,000 auto dealerships in the U.S. In the ongoing debate over whether victims should or should not pay ransom, it appears CDK did, and pretty quickly. But there was, and is, a lot to untangle.
CDK provides software and cloud-based data storage for automotive dealerships across a wide variety of functions including sales, finance, marketing and service. CDK experienced a cyberattack on June 19 and “proactively” shut down most of its systems, leaving many dealers unable to transact business. Reports surfaced of dealers reverting to pen and paper to schedule and execute service appointments, among other workarounds.
Since the pandemic, supply chain risk has been a constant concern for many businesses, and the effects of this incident created yet another speed bump in that area as some collision repair facilities were unable to obtain OEM (original equipment manufacturer) parts from suppliers using CDK software.
Two major items remain unknown: First, the economic impact of what became a 10-day shutdown for many dealers during a traditionally busy month for car sales; and second, what if any dealer or customer data was compromised.
Multiple sources report that CDK promptly paid a ransom of $25 million dollars on June 21st, to a cryptocurrency account associated with hackers using ransomware called BlackSuit.
If you have recently transacted business at a car dealership, we recommend keeping a close eye on your credit reporting. Another option is to freeze your credit, which will block any new accounts from being opened in your name.
And if a vehicle purchase or service appointment are in your near future, you might want to check in with the dealer first. CDK reported all major applications operational again as of July 12, but individual dealers may be longer in bringing operations back online.
Questions about cybersecurity and ransomware protection? Contact Hill Tech Solutions.