Dive Brief:
- The majority of CDK Global’s car dealership customers are still operating without critical services in the wake of fallout from a cyberattack, which has had consequences extending into a second week.
- CDK Global said it’s making progress recovering, but services won’t be restored for all of its customers until June 30, according to an automated voice message service it set up to provide updates to customers.
- “We have successfully brought a small initial test group of dealers live on the dealer management system, and once validation is complete, we will begin phasing in other dealers,” Lisa Finney, senior manager of external communications at CDK, said in an emailed statement.
Dive Insight:
The company discovered a cyberattack on June 19 and immediately shut down some of its systems that dealers rely on for sales, customer relationship management, parts, inventory and accounting functions.
CDK commands a large market share, providing more than 15,000 car dealer customers with software across North America. The National Automobile Dealers Association counted 16,835 car dealers in the U.S. at the end of 2023, according to its annual report.
Many dealers have resorted to analog alternatives during CDK’s outage.
“We are also actively working to bring live additional applications — including our customer relationship management and service solutions — and our customer care channels,” Finney said. “In the meantime, we have created a dealer resource center with commonly used documents and forms to support their sales and service efforts.”
In the automated message to customers, CDK cautioned “there are some integration points with OEM systems and third-party partners that may not be live immediately, but will be phased out as quickly as possible.”
CDK is a private company but some of its customers, which are among the largest car dealers in North America, are publicly traded. In the wake of the attack, five major car dealers filed cyber incident disclosures with the Securities and Exchange Commission, warning investors of negative impacts on business operations.
Sonic Automotive and Penske Automotive Group filed with the SEC on Friday, and AutoNation, Group 1 Automotive and Lithia Motors filed Monday.
“We understand and share the urgency for our customers to get back to business as usual, and we will continue providing updates as more information is available,” Finney said.
CDK has repeatedly declined to answer questions about its recovery timeline and the nature of the attack.
Source link
