CDK Global Cybersecurity Incident

CDK Global Cybersecurity Incident

CDK Global delivers technology solutions for the automotive retail industry. They provide software and digital marketing services to auto dealers and original equipment manufacturers (OEMs) to enhance their operations, customer relationships, and sales processes.

According to CBS news on June 21, 2024, CDK Global was shut down for a third straight day Friday after cyberattacks crippled its platform. The outage is disrupting roughly 15,000 car sellers who depend on CDK’s dealer management software to run their businesses, including vehicle sales. Some dealership employees have resorted to pen and paper to handle transactions but most deals had ground to a halt. CDK has not indicated when its systems will be back up and running, but suggested the outage could last several days. 

On June 19, CDK experienced the initial cyber incident and proactively shut down most of its systems, according to a spokesperson. In partnership with third-party experts, CDK is assessing the impact and providing regular customer updates. They stated they are working diligently to reinstate services and return dealers to normal operations as quickly as possible. 

However, according to PCMag, calls to a CDK customer support hotline resulted in a continuous busy signal. An automated message indicated that the outage could affect dealerships for several days with no estimated resolution time. The message also warned that bad actors posing as CDK support staff were attempting to obtain customers’ credentials in phishing attacks, according to the Associated Press

What to do if you or your vendors have active relationships with CDK Global

Act quickly to mitigate risks and ensure business continuity in light of the recent CDK Global cyberattack:

By following these steps, you can minimize the impact of the cyberattack and strengthen your overall cybersecurity posture. 

Sign up to try VISO TRUST today

Sign up for free

Try the VISO TRUST platform for free to see the CDK Global risk advisory in the context of your TPRM program and see if it impacts your vendors or your nth parties.