CDK Global Cybersecurity Incident

CDK Global delivers technology solutions for the automotive retail industry. They provide software and digital marketing services to auto dealers and original equipment manufacturers (OEMs) to enhance their operations, customer relationships, and sales processes.

According to CBS news on June 21, 2024, CDK Global was shut down for a third straight day Friday after cyberattacks crippled its platform. The outage is disrupting roughly 15,000 car sellers who depend on CDK’s dealer management software to run their businesses, including vehicle sales. Some dealership employees have resorted to pen and paper to handle transactions but most deals had ground to a halt. CDK has not indicated when its systems will be back up and running, but suggested the outage could last several days.?

On June 19, CDK experienced the initial cyber incident and proactively shut down most of its systems, according to a spokesperson. In partnership with third-party experts, CDK is assessing the impact and providing regular customer updates. They stated they are working diligently to reinstate services and return dealers to normal operations as quickly as possible.?

However, according to PCMag, calls to a CDK customer support hotline resulted in a continuous busy signal. An automated message indicated that the outage could affect dealerships for several days with no estimated resolution time. The message also warned that bad actors posing as CDK support staff were attempting to obtain customers’ credentials in phishing attacks, according to the Associated Press.?

What to do if you or your vendors have active relationships with CDK Global

In light of the recent CDK Global cyberattack, it’s crucial to act quickly to mitigate risks and ensure business continuity:

• Start by assessing the impact on your systems and communicating with stakeholders about potential disruptions.?
• Enhance your cybersecurity measures by changing passwords, implementing multi-factor authentication, and increasing network monitoring.?
• Warn employees about phishing attempts and ensure they are trained to recognize such threats.?
• Stay informed through CDK Global’s official updates
• Utilize VISO TRUST’s AI technology to conduct real-time assessments of third-party risk and maintain continuous monitoring.

By following these steps, you can minimize the impact of the cyberattack and strengthen your overall cybersecurity posture.?

Sign up for the RiskSnaps newsletter

Stay informed on third-party breaches and what you can do to reduce risk by subscribing to this newsletter.