Earlier this morning, CDK Global, the majority provider of dealership management systems (DMS) in the U.S., experienced a significant cyberattack that led to a nationwide shutdown of its systems. CDK Global serves nearly 15,000 dealership locations, including GM brands. It’s currently unclear when service will be restored.
According to a report from Automotive News, Tony Macrito, CDK’s senior director of communications, stated that the shutdown was a precautionary measure aimed at protecting customers and allowing for a thorough investigation.
The cyberattack was initially communicated to dealerships around 2 a.m. Eastern time, followed by a detailed update at 8 a.m. confirming the incident and explaining the shutdown. The alert was also sent to all dealerships subscribed to CDK’s critical alerts system.
The alert reads as follows:
“Dear Valued Customers, we are currently experiencing a cyber incident. Out of caution and concern for our customers, we have shut down a majority of our systems. We are currently assessing the overall impact and currently have no ETA. Please know our teams are working hard to get everything up and running, and we will update as information is available. Sincerely, CDK Customer Care”
The attack impacted several CDK products, including CDK Service, DRIVE, Fortellis, and Modern Retail CRM, among others.
Customers can sign up for status updates on the cyberattack using this link.
A GM Authority source familiar with security incidents stated that “Generally, the longer it takes to identify the scope of the cyber incident, the worse it is”. It has been roughly eight hours since documented discovery of the incident.
Per Automotive News, Erik Nachbahr, president of cybersecurity services provider Helion Technologies, praised CDK’s decision to disable its systems, emphasizing that it was a necessary step to contain and assess the incident. Nachbahr stated that the vulnerability of CDK Global emphasized the need for robust cybersecurity among auto dealers. The recent cyberattack follows a similar cyberattack on Findlay Automotive Group just over a week earlier, which disrupted its operations for several days.
Subscribe to GM Authority for more GM technology news, GM safety news, GM business news, and around-the-clock GM news coverage.
Comments
Yup. I’ve been sitting at my desk and we can’t do a single thing at our store.
The simple solution to this is life in prison for any involvement conducting a cyber or ransomware attack. And 100% tariffs for any country not cooperating in an investigation originating from their country. Of course for North Korea you’d need something different since they don’t export squat.
Agree something needs to be done. I have a small website for my company. Imagine if your phone rang every tenth of a second trying to scam you. That is the rate my tiny site gets from all around the world. I firewall off numerous countries, but it is still bad, maybe every couple seconds. The web has become a cesspool. I think the average person not involved in internet networking cannot imagine. I do strongly recommend to any person, never and I mean never connect any device to the internet that does not have a strong firewall between the device and the internet. In the seconds it takes to configure your printer etc, it will be hacked without a firewall.
We are at War with Russia, Iran and arguably China.
We have been hacking Russian and Iranian institutions for years, decades.
Stop electing war mongers and stop supporting warfare or our civilization is doomed.
Theartlocker, an endpoint protection platform, with its Zero Trust platforms would have eliminated this from happening with its “deny by default” approach to cyber security! It only allows in what is allowed to operate your business or organization and blocks everything else, which would have eliminated this from happening!
Nothing is impenetrable.
My 2023 tahoe with only 8,000 miles randomly went haywire yesterday when trying to start it, dash completely lit up and went into service steering lock mode. I’m concerned it is related and now i cant get into get service either!
Its not related. Its just a GM so check engine light is on until it burns out….. typing from my
GM dealer bay.
I agree! I have a new 2024 Silverado and my check engine light came on, on Thursday. Less than 8k miles! I’m interested in knowing how many more check engine lights came on that day.
CDK global has a job listing up for a “Lead Cyber Security Incident Commander” that was launched in mid-May.
Maybe they should have put more effort into hiring someone for this position. 🤣😂🤣😂🤣
Low pay, 24/7 work hours, everyone blaming you for everything. It’s no wonder these type of positions go unfulfilled for months and have high turnover rates.
Waiting to see what GM is going to do for me. I put money down on a trade deal last Monday. Needed to upgrade the tires before driving off lot, they didn’t do the tires until Wed right when I can no longer finish purchasing. I have no new truck and I have a Colorado with a service engine light that I didn’t want to deal with-not very happy, just hoping GM makes this right.