A cyberattack on CDK Global, a software provider for 15,000 car dealerships, caused widespread disruption on Wednesday, leaving many US dealerships unable to finalize sales. While many systems were restored by Wednesday night, the full impact on customer data remains unclear.
At Village Ford in Dearborn, Michigan, the attack coincided with their 40th annual Tent Sale, their biggest event of the year. Despite the setback, the dealership managed to make nearly 20 car sales, though none could be finalized.
“Could have picked a better week for this to happen, but we’re working through it,” said general sales manager Jay Sturtz. “If it would last longer, we’d run into some trouble.”
CDK Global’s software handles vital operations like accessing service records and electronically filing vehicle titles. The Detroit Auto Dealers Association reported significant disruptions among its members, with over 60% relying on CDK.
Rachel McNealey, a professor at Michigan State University, noted that CDK’s prominence makes it a prime target for cyberattacks due to its access to large amounts of customer data.
“Collecting data, especially in large amounts, is money. You can sell it, not just on the dark web but on the clear web,” McNealey said.
In response to an email inquiry, CDK Global stated that they are investigating the incident and have restored core systems, with ongoing tests on other applications. Their priority remains the security of their customers.
At Village Ford, customer Lshaun Lloyd, unaware of the attack until approached for an interview, expressed concern about data security.
“How are they ever going to keep it safe? Because they’re always attacking,” she said.
Despite the challenges, Village Ford continues their Tent Sale, focusing on customer privacy and hoping for a swift resolution.
“Our first priority is making sure we protect people’s privacy, identities,” Sturtz affirmed.