A cyber incident at a major retail software provider for automobile dealers has caused disruptions for the third day in a row, affecting car sales across North America. The software provider, CDK, stated that the outage has impacted automotive dealerships in the US and Canada, including some BMW Group dealers.
CDK, which offers various software solutions to car dealerships, faced another cyber incident on Wednesday and decided to shut down most of its systems as a precautionary measure. The company is currently working on reinstating its services to help dealerships resume their operations as soon as possible. In a letter sent to customers on Thursday, CDK mentioned that they do not have a specific timeline for resolving the issue.
While the exact number of affected dealerships was not disclosed, CDK collaborates with over 15,000 retail locations throughout North America according to its website. Major car manufacturers such as Ford, Volkswagen, and Mercedes-Benz have confirmed that they are assisting dealerships impacted by the cyber outage.
The National Automobile Dealers Association emphasized that dealers are focused on safeguarding customer information and are actively seeking details from CDK to understand the extent and nature of the cyber incident. Additionally, Holman, a privately owned vehicle dealer, reported that the outage had also impacted its phone system.
CDK was acquired by the investment firm Brookfield Business Partners in April 2022 for $6.41 billion in a cash transaction. This acquisition made Brookfield the sole major privately held provider of software to auto dealers and manufacturers.
The ongoing cyber-attack highlights the vulnerability of the automotive industry to digital threats and the importance of cybersecurity measures in safeguarding sensitive information. It serves as a reminder for businesses to have robust contingency plans in place to mitigate the impact of cyber incidents and ensure the continuity of operations during such challenging times.