Major cyber attack shuts down car dealerships across the US

The US car industry was thrown into chaos on Wednesday after a cyber-attack targeted one of its leading software suppliers.

Hackers broke into the systems of CDK Global late on Tuesday night, potentially putting the sensitive financial details for millions of customers at risk.

The software company had shut down most of its operations by 2am on Wednesday, leaving 15,000 auto retailers offline and customers angrily demanding an update.

'Our first priority is always the security of our customers, and our actions reflect our obligation to them as a trusted partner,' said CDK spokeswoman Lisa Finney.

Dealerships use the company's software to manage vehicle acquisitions, sales, financing, insuring, repairs and maintenance, and clients include General Motors, Group 1 Automotive and Holman.

Finney said it shut down most of its systems 'out of an abundance of caution', and had restored its core document management system and digital retailing software by Wednesday afternoon.

'We are continuing to conduct extensive tests on all other applications, and we will provide updates as we bring those applications back online,' she added.

Some dealers were reverting to post-it notes and hand-drawn spreadsheets to stay open.

'We are already back online in GA,' tweeted one from Marietta at 4.53pm.

'Not able to access digital deal jackets but we could print a deal and sell a car.

'Would have to manual load everything to do so.'

'Why do you guys not have local replication so at least the dealers could perform basic functions?' demanded another. 'NOT A GOOD LOOK.'

'It's Michigan, it's the entire country - about 15,000 dealers they service, so this is a big outage in our industry,' said Todd Szott, president of the Detroit Auto Dealers Association.

'And hopefully it will be rectified soon.'

'To me, it has all the looks and feel of a ransomware event,' cybersecurity expert David Derigiotis told Fox News.

'We're dependent on technology, we're dependent on software and if there's any fail-point along the whole digital supply chain, it has ripple effects and that's what we're seeing with this exact example here.' 

The attack took place just days after a separate hack which pushed the Findlay Automotive Group offline.

Insurance company Zurich North America warned that dealerships are a prime target for hackers because they hold a 'treasure of information' on customers' credit applications and financial information.

'In addition, dealership systems are often interconnected to external interfaces and portals, such as external service providers,' Zurich explained, with many dealerships lacking 'basic cyber security protections'.

CDK produced figures suggesting attacks by cyber-hackers on individual car dealerships rose from 15 to 17 percent last year.

It boasts that it offers a 'three-tiered cybersecurity strategy to prevent, protect and respond to cyberattacks'.

But it was roasted on social media after the hack which brought much of the car retail industry to a grinding halt.

'Instead of paying the ransom and not letting the data get leaked they shut everything down and now the data is going to get sold privately or leaked for free and CDK reputation is down the drain,' tweeted @RichOffMNQ.

'Worst decision they have ever made.'

'This CDK Global breach is a prime example of why businesses shouldn’t be using shared services,' suggested John Marcum. 

'This whole #CDK situation is just insane,' added Sarah Brown. 'It's honestly mind boggling that in 2024 companies are not doing their due diligence to invest in heavy duty cyber security.

'I really hope CDK is back up tomorrow, because the amount of work that everyone is going to have to catch up on from this whole thing.'