CDK Global Cyberattack: Scores of US Car Dealerships Affected

2 Mins Read

PureVPNNewsCDK Global Cyberattack: Scores of US Car Dealerships Affected

A cyberattack recently targeted CDK Global, a leading software-as-a-service (SaaS) provider for the auto industry. This attack resulted in the shutdown of the company’s IT systems, impacting over 15,000 car dealerships across North America. 

CDK Global offers clients in the auto sector a SaaS platform that supports a wide range of dealership operations including, customer relationship management, financing, payroll, inventory, and more.

The attack prompted CDK Global to disable its systems, including IT infrastructure, phones, and applications to contain the breach. This measure left many dealerships in a standstill, unable to access the systems necessary for their day-to-day operations. Learn more below!

Immediate Measures and Communication

In an email, CDK Global stated, “We are currently experiencing a cyber incident. Out of caution and concern for our customers, we have shut down a majority of our systems,” with no estimated time for when services would be restored. Employees at multiple car dealerships expressed their frustrations online, noting a lack of detailed communication from CDK Global. 

Furthermore, car dealerships were advised to disconnect their always-on VPN connections to CDK’s data centers, a precaution suggested due to the potential for threat actors to exploit these connections to gain deeper access into the internal networks of the dealerships. 

Brad Holton, CEO of Proton Dealership IT, explained that the CDK software on devices holds administrative privileges for applying updates, which could explain CDK’s recommendation to disconnect from their data centers.

Challenges and Recovery Efforts

Dealerships had to resort to manual processes, such as using pen and paper to manage operations typically handled by CDK Global’s platform. This included tracking and ordering car parts, conducting sales, and processing financing applications. 

There are rumors that the cyberattack might be a ransomware incident that also affected CDK Global’s backups. Although unconfirmed, such an attack typically involves the encryption of data across affected systems followed by demands for ransom, under the threat of releasing the stolen data publicly.

On the recovery front, CDK Global announced the restoration of services like CDK Phones, DMS, and Digital Retail, although comprehensive testing of all applications was ongoing in order to ensure system integrity.

Final Word

The cyberattack on CDK Global highlights the critical need for strong cybersecurity defenses. As the company works toward recovery, ensuring robust protections and clear communication will be key to rebuilding trust and resuming normal operations.

author

Anas Hasan

date

June 20, 2024

time

1 year ago

Anas Hassan is a tech geek and cybersecurity enthusiast. He has a vast experience in the field of digital transformation industry. When Anas isn’t blogging, he watches the football games.

Related Stories

Arizona Sees Surge in VPN Demand After Age Verification Laws Take Effect

Arizona Sees Surge in VPN Demand After Age Verification Laws Take Effect
Posted on October 8, 2025
A Single Password Breach Shut Down a 158 Year Old Business

A Single Password Breach Shut Down a 158 Year Old Business
Posted on October 7, 2025
Nepal Social Media Ban: How to Access Facebook, Instagram, and YouTube Safely

Nepal Social Media Ban: How to Access Facebook, Instagram, and YouTube Safely
Posted on September 5, 2025

Have Your Say!!