Major Dealership Outage Thanks to Cyberattack Could Last Days

The incident is a major disruption as dealers are gearing up for summer sales events

A recent cyberattack on a software vendor crippled thousands of car dealerships Thursday.

Some 15,000 car dealerships across the U.S. and Canada ground to a halt, as two “cyber incidents” at a major data provider crippled their operations. According to the software vendor, CDK Global, the outage could last for days — right as dealerships are gearing up for the summer sales season.

The company said it was aware of an incident that occurred on June 18, though the company noted on Thursday morning the situation had gotten worse as it suffered an additional breach in the evening of June 19. “Out of an abundance of caution and concern for our customers, we have shut down most of our systems and are working diligently to get everything up and running as quickly as possible,” a CDK Global spokesperson told CNN. CDK says it is also actively investigating the incident.

The outage from this cyberattack doesn’t just affect sales, of course. It may also disrupt parts and service departments nationwide. However, dealers are adapting as best they can to continue to do business, in spite of their go-to software being offline. As we enter the summer months, though, demand for new cars is rising, even as transaction prices remain stubbornly high, in the upper $40,000s for a new vehicle.

So-called “Software as a Service” (SaaS) providers are increasingly common in modern businesses, and services like those CDK Global offers integrates customer relations, financing, support, inventory and back-office tasks like accounting and payroll into a single system. The two data centers CDK uses to store dealerships’ data went out at approximately 2 AM on June 19. The company has not explicitly announced whether this was a ransomware attack — where hackers gain access to large networks, encrypt all the devices and demand payment to restore normal operation. If that is the case, negotiations could take days or even weeks, while bad actors could have gained access to the personal information of employees or customers.

“We remain vigilant in our efforts to reinstate our services and get our dealers back to business as usual as quickly as possible”, the company said after the second breach. However, two unnamed sources close to the matter said actually solving the fallout from the breach.

This is a developing story, so we’ll keep an eye on proceedings and provide any updates once we know more about what parties were affected.