"Several Days & Not Weeks": Massive US Auto Dealership Cyberattack Nears Resolution As Hackers Demanded Millions
Great news for anyone trying to purchase a new or used vehicle last week but faced delays due to a nationwide cyber incident that paralyzed the backend operating systems of thousands of auto dealerships: a resolution appears to be underway.
Bloomberg reports that CDK Global, the main provider of auto dealership management systems and digital retailing solutions, is now in the process of restoring backend systems for more than 15,000 auto retailers affected by last week's hack.
CDK sent a message to dealers over the weekend, providing a timeline of "several days and not weeks" to restore systems.
Bloomberg also reports that the BlackSuit ransomware gang was behind the attack. BleepingComputer first reported this on Saturday.
This comes days after a Bloomberg report said a suspected hacking group in Eastern Europe is responsible for the CDK cyber incident, and the group demanded tens of millions of dollars in ransom.
CDK first reported the cyber incident last Wednesday and a second cyberattack on Thursday. The fallout of the centralized service for conducting sales at dealerships across North America forced some dealers to close, while others resorted to pen and paper in closing deals.
On Thursday, X user Car Dealership Guy was featured on CNBC. He said the auto industry's biggest question after all this chaos is "Will the industry continue centralizing and consolidating technology? This has been the biggest trend in auto retail."
"It's disrupting the entire dealership [industry]," says @GuyDealership's Yossi Levi after a cyberattack hit 15,000 auto dealerships across the country. "Will the industry continue centralizing and consolidating technology? This has been the biggest trend in auto retail." pic.twitter.com/oRTMYyPMfX
— Last Call (@LastCallCNBC) June 20, 2024
At the end of last week, some customers at dealerships were greeted with this message.
One of the largest Chevrolet dealers in South Carolina closed. On a Friday.
— Car Dealership Guy (@GuyDealership) June 21, 2024
Unheard of.
Day 3 of the CDK outage.
(via @bradsales312) pic.twitter.com/1SqzsAxUdi
On Friday, Diana Lee, the chief executive officer of Constellation, a marketing agency with strong ties in the auto industry, told the host of Bloomberg TV that the cyber incident is "just mass chaos at this point ... and worse than Covid."
Diana Lee, CEO and co-founder of Constellation, says the latest cyberattacks on CDK are a disaster for the auto industry that's "worse than covid" https://t.co/wFrM1BqhmW pic.twitter.com/JJ6lvJ4MFJ
— Bloomberg TV (@BloombergTV) June 21, 2024
Here's what X users are saying about the incident:
Still might wreck end of quarter deliveries 🙃
— Scott (@ScottPolhamus) June 24, 2024
It’s takes between 5-10 days usually to recover from a ransomware event when domain compromise. It may take months to fully recover.
— Matthew Rogers (@rogerscissp) June 24, 2024
Month end is almost here. So is quarter end. (Reporting for publicly traded entities). And also half-year closes this week.
— Financial Markets Warrior (@1MarketsWarrior) June 24, 2024
If they don't get good news soon, it will wreck a whole bunch of earnings reports.