A group claiming responsibility for hacking software company CDK Global is demanding tens of millions of dollars in ransom, according to Bloomberg. CDK is reportedly considering paying the ransom, though discussions are ongoing and may change.
The cyber outage has now entered its third consecutive day, severely impacting software management tools and operations at car dealerships throughout the U.S. CDK Global shut down most of its systems on Wednesday “out of an abundance of caution” to protect customers, said CDK spokesperson Lisa Finney. While some systems were briefly restored that afternoon, an additional cyberattack forced another shutdown, as detailed in a letter sent to customers.
“Out of continued caution and to protect our customers, we are once again proactively shutting down most of our systems,” the letter stated. CDK is currently assessing the overall impact and consulting with external third-party experts. The company has not provided an estimated timeframe for when systems will be fully operational again.
The group behind the hack is believed to be based in Eastern Europe, according to a source familiar with the situation, as reported by Bloomberg. This group is demanding a significant ransom, and while CDK is considering payment, the final decision remains uncertain.
As of Friday, dealerships continued to report significant issues with CDK systems, hindering their ability to process sales and manage operations. The prolonged disruption highlights the critical reliance on digital systems in the automotive industry and the severe consequences when these systems are compromised.
CDK Global is working diligently to resolve the cybersecurity challenges and ensure the protection of its customers’ data and systems. The situation underscores the importance of robust cybersecurity measures and the potential vulnerabilities that can affect the automotive retail sector.