On June 19, 2024, CDK Global notified customers that a cyber incident had led to a shutdown of its systems, significantly impacting car dealerships across the United States. CDK Global serves nearly 15,000 dealership locations, and the incident caused substantial disruption, forcing car dealerships to halt operations and revert to manual processes.
Dealerships were initially notified about the incident around 2AM Eastern time on June 19, 2024, with an update at 8AM confirming the incident. CDK Global stated that they are actively investigating the cyber incident and have shut down most of their systems out of caution and concern for their customers.
While some reporting has suggested that this incident is related to a ransomware attack, this has not been directly confirmed, nor have significant details been made public on the nature of the incident. Reports have trickled in from social media of alleged dealership employees using CDK Global services indicating that the outage has resulted in widespread disruption for day-to-day operations.
As of the afternoon of Wednesday, June 19, 2024, CDK Global had begun notifying customers that certain services were restored. However, on the morning of Thursday, June 20, 2024, CDK Global notified customers by email that a separate cyber incident occurred “late in the evening” Wednesday, and that most of their systems would be shut down proactively during their investigation.
Potentially Affected Services
CDK Global provides a SaaS platform to their customers, which handles various dealership operations. These functions include CRM, financing, payroll, support and service, inventory, and back office operations.
According to Automative News, the following CDK Global services were taken offline during the investigation of the incident:
- CDK Service
- Common Admin
- DRIVE
- Drive Workflow Menu
- Fortellis
- Fortellis Integration Portal
- Global Content Management
- Intelligence Suite
- Modern Retail CRM
- Modern Retail Digital Retail
- Modern Retail eSign and MyInstall Dealer Portal
Restoration of services
In a statement to CBS News on June 19, 2024, CDK Global had initially indicated that the core dealer management system and digital retailing services were restored. The company had also communicated the same information directly to customers, adding that CDK Phones had also been restored.
However, an additional email notification was sent by CDK Global to their customers on the morning of Thursday, June 20, 2024 stating that a second security incident had occurred, and that it was under investigation. This led to CDK Global proactively disabling most services again. Among the services taken down were Customer Care channels, which were mentioned as “high priority” for restoration. The company estimated that dealer systems would be offline for at least the duration of June 20, 2024.
Recommendations
Follow CDK Global For Status Updates
At this time, CDK Global has not advised customers of specific actions to be taken in their environments in relation to the reported cyber incidents. Customer Care channels are still offline as of the afternoon (Eastern Time) of June 20, 2024, but are reportedly being prioritized for restoration.
CDK Global has advised customers to keep informed about the status of service outage through the following phone numbers:
- English: 1 (855) 356-3270
- French: 1 (877) 483-7817
References
