Cyberattack Disrupts Car Dealership Operations Across the U.S.

The attack on CDK Global, the retail software provider for dealerships, has left dealerships across the country unable to manage daily operations

Ben Wodecki, Junior Editor - AI Business

June 25, 2024

2 Min Read
 In an aerial view, vehicles are offered for sale at a GM dealership on June 20, 2024 in Lincolnwood, Illinois.
Scott Olson/Getty Images

CDK Global, which provides software for car dealerships across North America, has been hit by a cyberattack orchestrated by the BlackSuit ransomware group that has impacted car dealerships across the U.S. 

CDK provides software to car dealerships to help manage operations, including sales, inventory and back-office processes.

The attack, which began on June 19, left the dealerships across the company unable to access CDK’s software to manage their operations for days. 

As CDK was working to bring its systems back online, it was hit by a second attack. 

The company told clients its software would be back online in “several days and not weeks,” CBS News reported. 

Clients including Sonic Automotive, Penske Automotive Group and Lithia Motors reported in SEC filings that their businesses had been disrupted by the attack. Their dealerships and repair shops couldn’t function as normal, with sales operations including their customer relationship management system heavily affected.

Sonic said it’s yet to determine whether the hack will have a material impact on the company, while Penske Automotive Group only reported disruption to its Premier Truck Group dealerships.

The hackers that took down CDK’s software are demanding a ransom to return its services to operation. BleepingComputer reports that CDK has been negotiating with the ransomware group.

According to cybersecurity SentinelOne, BlackSuit does not specifically discriminate against its victims, often targeting enterprises large and small.

The group previously attacked U.S. pharmaceutical company Octapharma Plasma and Wisconsin-based health care non-profit GHC-SCW.

The BlackSuit group previously operated as Royal ransomware after it had success using a new encryptor tool of the same name.

Under its previous name, BlackSuit targeted more than 350 victims demanding ransoms of more than $275 million, according to a November 2023 advisory from the FBI and Cybersecurity and Infrastructure Security Agency.

About the Author(s)

Ben Wodecki

Junior Editor - AI Business

Ben Wodecki is the junior editor of AI Business, covering a wide range of AI content. Ben joined the team in March 2021 as assistant editor and was promoted to junior editor. He has written for The New Statesman, Intellectual Property Magazine, and The Telegraph India, among others.

Sign Up for the Newsletter
The most up-to-date news and insights into the latest emerging technologies ... delivered right to your inbox!

You May Also Like