Car sales across the US disrupted after major cyberattack hits dealership provider

News
By
published

Clients suffer the consequences following breach

Ransomware
(Image credit: Pixabay)

CDK, a company that provides software-as-a-service for car dealerships, has suffered a major cyberattack forcing it to shut down most of its systems. 

As a result, the companies using CDK’s services were unable to conduct most of their business and were pushed back to pen and paper for whatever little work they could do.

According to a report on BleepingComputer, when CDK spotted the attack, it unplugged most of its systems to prevent it from spreading. Two servers were taken offline at 2am local time, and remained offline for most of the day.

Disconnecting the VPN

"We are actively investigating a cyber incident,” the company told BleepingComputer. “Out of an abundance of caution and concern for our customers, we have shut down most of our systems and are working diligently to get everything up and running as quickly as possible.”

CDK Global offers a comprehensive suite of software solutions and services designed to help car dealers manage and enhance their operations across various areas, including dealer management systems (DMS), digital marketing, business intelligence and analytics, fixed operations solutions, and cybersecurity. It allegedly has more than 15,000 clients and services 30,000 dealer sites worldwide.

Car dealerships using CDK’s services have to configure an always-on VPN to the company’s data centers, which then allows locally installed applications to access data stored on the servers. The company has now advised its clients to disconnect the VPN, to prevent the attack from spreading to third-party systems as well.

While the nature of the attack has not yet been confirmed, usually when a company is forced to unplug its IT infrastructure it’s due to ransomware. Threat actors lock their victims out of their endpoints, steal sensitive data, and then demand money in exchange for the decryption key and keeping the data private. 

Some fifteen hours after spotting the incident, the company restored CDK Phones, DMS, and Digital Retail services. Unify and DMS logins were also made available, while for other services, restoration is still in progress.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Red padlock open on electric circuits network dark red background
Newspaper printing across US hit after Lee Enterprises says “cybersecurity event” disrupted operations
Ransomware
Lee Enterprises blames cyberattack for encrypting critical systems as US newspaper outages drag on
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Major ransomware attack sees Tata Technologies hit - 1.4TB dataset with over 730,000 files allegedly stolen
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
59 organizations reportedly victim to breaches caused by Cleo software bug
DDoS attack
Japan’s largest telco NTT Docomo disrupted by DDoS attack
ransomware avast
Hackers spotted using unsecured webcam to launch cyberattack
Latest in Security
healthcare
Software bug meant NHS information was potentially “vulnerable to hackers”
A hacker wearing a hoodie sitting at a computer, his face hidden.
Experts warn this critical PHP vulnerability could be set to become a global problem
botnet
YouTubers targeted by blackmail campaign to promote malware on their channels
A close-up of a phone screen showing the Telegram, Signal and WhatsApp apps
Agentic AI has “profound” issues with security and privacy, Signal President says
botnet
Another top security camera maker is seeing devices hijacked into botnet
Bluetooth
Top Bluetooth chip security flaw could put a billion devices at risk worldwide
Latest in News
Lego Mario Kart – Mario & Standard Kart set on a shelf.
Lego just celebrated Mario Day in the best way possible, with an incredible Mario Kart set that's up for preorder now
TCL QM7K TV on orange background
TCL’s big, bright new mid-range mini-LED TVs have built-in Bang & Olufsen sound
Homepage of Manus, a new Chinese artificial intelligence agent capable of handling complex, real-world tasks, is seen on the screen of an iPhone.
Manus AI may be the new DeepSeek, but initial users report problems
Google Maps
Nightmare Google Maps glitch is deleting timelines, and there isn't a fix yet
Twitter social media application change logo to X. Elon Musk CEO of twitter rebranded Twitter to 'X'. Social media application technology concept.
X is down again – Elon Musk confirms 'massive cyberattack' as former Twitter site hit by fourth outage today
Joe Goldberg and Kate Lockwood sitting at a table and looking at the camera in You season 5.
Netflix releases a killer new trailer for You season 5 but my favorite character is missing from Joe's final chapter
More about security
botnet

YouTubers targeted by blackmail campaign to promote malware on their channels
A hacker wearing a hoodie sitting at a computer, his face hidden.

Experts warn this critical PHP vulnerability could be set to become a global problem
Lego Mario Kart – Mario & Standard Kart set on a shelf.

Lego just celebrated Mario Day in the best way possible, with an incredible Mario Kart set that's up for preorder now
See more latest
Most Popular
Lego Mario Kart – Mario & Standard Kart set on a shelf.
Lego just celebrated Mario Day in the best way possible, with an incredible Mario Kart set that's up for preorder now
Tesla Model 3
Tesla's EV sales are plummeting – as used Model Y and Model 3 prices crash to bargain levels
TCL QM7K TV on orange background
TCL’s big, bright new mid-range mini-LED TVs have built-in Bang & Olufsen sound
A computer screen showing a spreadsheet in use.
This entire nation's public health department was found to be running on a single Excel spreadsheet
Person using Dyson V8 vacuum
Dyson vacuums have one big problem and I don't understand why
Glowing server racks inside a data center.
The dirty little secret about AI hardware that you should know about: server vendors have to wrestle with wafer thin margins and bigger customers
Joe Goldberg and Kate Lockwood sitting at a table and looking at the camera in You season 5.
Netflix releases a killer new trailer for You season 5 but my favorite character is missing from Joe's final chapter
Google Maps
Nightmare Google Maps glitch is deleting timelines, and there isn't a fix yet
botnet
YouTubers targeted by blackmail campaign to promote malware on their channels
A laptop on a desk with the Windows 11 background on its screen.
Microsoft is adding image editing and compression to its Windows Share feature - and I couldn't be happier