Trying to buy a car? Your dealership might be recovering from a cyberattack

Car dealerships in North America continue to wrestle with major disruptions that started last week with cyberattacks on a software company used widely in the auto retail sales sector.

CDK Global, a company that provides software for thousands of auto dealers in Canada and the U.S., was hit by back-to-back cyberattacks Wednesday. That led to an outage that has continued to impact operations.

For prospective car buyers, that’s meant delays at dealerships or vehicle orders written up by hand. There’s no immediate end in sight, with CDK saying it expects the restoration process to take “several days” to complete.

As of Thursday last week, “hundreds of dealers” across Canada had been impacted by the outage, according to Tim Reuss, president and CEO of the Canadian Automobile Dealers Association.

Some members have flagged attempts from scammers to steal their log-in credentials by impersonating CDK representatives, said Reuss.

He says these bad actors are adding insult to injury and taking advantage of the situation, adding to “frustration” among the dealerships.

Here is what you need to know.

What is CDK Global?

CDK Global is a major player in the auto sales industry. The company, based just outside of Chicago, Ill., provides software technology to dealers that helps with day-to-day operations — including recording the sale of a new or used vehicle, logging a service appointment or noting the sale of spare parts.

CDK serves more than 15,000 retail locations across North America, according to the company.

What happened last week?

CDK experienced back-to-back cyberattacks on Wednesday. The company shut down all of its systems out of an abundance of caution, spokesperson Lisa Finney said last week.

“We have begun the restoration process,” Finney said in an update over the weekend — noting that the company had launched an investigation into the “cyber incident” with third-party experts and notified law enforcement.

“Based on the information we have at this time, we anticipate that the process will take several days to complete, and in the interim we are continuing to actively engage with our customers and provide them with alternate ways to conduct business,” she added.

In messages to its customers, the company has also warned of “bad actors” posing as members or affiliates of CDK to try to obtain system access by contacting customers. It urged them to be cautious of any attempted phishing.

The incident bore all the hallmarks of a ransomware attack, in which in which targets are asked to pay a ransom to access encrypted files. But CDK declined to comment directly — neither confirming or denying if it had received a ransom demand.

What are manufacturers saying about Canadian dealers?

CBC News reached out to several auto manufacturers to understand how dealers were impacted by the outage.

A BMW Group Canada spokesperson confirmed that the outage was impacting some of its retailers across Canada and the U.S., adding that its retail partners “remain open for business to support our customers with their sales and service needs.”

Meanwhile, a spokesperson for Nissan Group told CBC News on Friday that the company is aware of the situation, “and we continue determine the impact on our business. In the meantime, we are working closely with our dealer network to limit any inconvenience to our customers.”

A Honda Canada spokesperson said on Friday that the manufacturer was working to understand the “full scope” of the event.

“At this time, we are directing Canadian Honda and Acura dealers affected by the CDK outage to alternate tools and processes that will allow them to continue to conduct business while CDK systems remain offline,” the spokesperson said.

Representatives for Ford Motors, General Motors and Toyota did not respond.

Are impacted dealerships still selling cars?

Several major auto companies — including Stellantis, Ford and BMW — confirmed to The Associated Press last week that the CDK outage had impacted some of their dealers, but that sales operations continue.

In light of the ongoing situation, Reuss told CBC News on Thursday that many dealerships would have to switch to manual processes to serve customers, including writing up orders by hand.

A Ford spokesperson added that the outage may cause “some delays and inconveniences at some dealers and for some customers.” However, many Ford and Lincoln customers are still getting sales and service support through alternative routes being used at dealerships.

With many details of the cyberattacks still unclear, customer privacy is also at top of mind — especially with little known about what information may have been compromised this week.

In a statement sent to the AP on Friday, Mike Stanton, president and CEO of the National Automobile Dealers Association said that “dealers are very committed to protecting their customer information and are actively seeking information from CDK to determine the nature and scope of the cyber incident so they can respond appropriately.”

Leave a Reply

Your email address will not be published. Required fields are marked *