A massive cyberattack is causing chaos for American car dealerships and affecting both dealers and customers.
According to BleepingComputer, a notorious extortion organization called the BlackSuit ransomware gang carried out a cyberattack on CDK Global on June 19. As of June 30, its impacts are ongoing. BlackSuit has conducted a number of high-profile attacks in the past several years, mostly against healthcare companies.
Also: The best VPN services of 2024: Expert tested and reviewed
CDK Global’s software is the lifeblood of the car dealer industry. Dealerships use it for tracking what’s on their lots, running credit checks, generating loan rates, completing sales contracts, processing payroll, and more. At least 15,000 dealerships, or more than half of all auto dealerships in the US use CDK.
This attack has forced dealerships to, at best, handle these tasks by hand and, at worst, not handle them at all. June isn’t just a busy month for car sales; the Juneteeth holiday is a particularly busy day because many people are off work. The impact was immediate, and MotorTrend estimates losses could be between $4 billion and $16 billion.
How dealership customers are impacted
For dealership customers, this attack and subsequent disruption of business means several things.
1. If you’re planning to buy a car, expect it to take longer.
The attack affected nearly every part of the process, but in-house financing is one of the most delayed. If you have financing from an outside bank or you’re paying cash, you won’t see as much of an issue, but you should still expect slowdowns in other areas.
2. if you buy a car, be ready to visit your local DMV.
CDK software enables dealers to automatically register vehicles with the local government so they can file the appropriate paperwork and ready a license plate. With that software out of the picture though, that means dealers, or even the customer, will need to make a trip to wait in even longer than usual DMV lines.
3. Expect delays if you need service.
Dealerships use CDK software to schedule service appointments, keep track of parts inventory, and see service history. Service departments are still functioning without the software, but the process takes a little longer and they’re writing everything down on paper. Once CDK software is back online, dealers will need to enter all of that paperwork. Multiply all the appointments, all the weeks, and all the dealerships affected, and it could be a pretty messy situation for service departments.
Also: Businesses’ cloud security fails are ‘concerning’ – as AI threats accelerate
Affected dealers are still conducting business, but many are resorting to the much less secure pen-and-paper method. If you’re at all concerned about identity theft, this raises some big red flags.
It hasn’t been revealed how much the Blacksuit gang asked for, but reports are that CDK is paying their ransom demand. Some dealerships have had their software access restored but many more are still impacted.
Blacksuit has made more than $275 million in ransom demands since September of 2022.