Context
Car dealership software-as-a-service provider (SaaS) CDK Global has been impacted by a large-scale cyberattack, causing the company to shut down a portion of its systems and leaving clients unable to operate their businesses normally.
Community Impact
The outage and restoration of CDK Global services impacts a portion of the RH-ISAC Core Membership and is notable due to the third-party service impact it has upon multiple organizations from a SaaS central point of failure. RH-ISAC will continue to monitor the restoration of CDK Global services and will report any additional and relevant information when it becomes available.
Background
CDK Global provides clients in the auto industry with its SaaS platform that handles multiple aspects of a car dealership’s operations. The CDK Global SaaS platform is used by over 15,000 car dealerships in North America and has thousands of employees throughout the country. To utilize CDK’s services, car dealerships configure an always-on VPN to CDK Global’s data centers, allowing their locally installed applications to access the platform.
Earlier this week, CDK Global suffered a cyberattack that caused it to shut down its IT systems, phones, and applications to prevent the attack’s spread. Employees at multiple car dealerships have disclosed to media reporting agencies that CDK has not shared much information other than to send an email warning that they suffered a cyber incident. The outage has led to widespread disruption among car dealerships using their platform to track and order car parts, conduct new sales, and offer financing.
While some car dealership employees have stated that they can log in with old credentials that were upgraded during CDK’s transition to a modern single-sign-on platform, it has been reported that the platform is not fully functional.
On the afternoon of 19 June 2024, CDK Global reported to customers that they have restored a portion of their systems, mainly CDK Phones, DMS and Digital Retail, however, they are continuing to conduct tests on all other applications before bringing them back online.
RH-ISAC will continue to monitor the restoration of CDK Global services and will report any additional and relevant information when it becomes available.