A group of hackers allegedly responsible for breaching CDK Global, a major software provider for thousands of car dealerships in North America, has reportedly demanded a ransom in the tens of millions of dollars.
According to one report, CDK intends to comply with the ransom demand, though discussions are ongoing and the details could evolve. The group believed to be behind the attack is thought to operate out of eastern Europe.
Following the discovery of the breach last Wednesday (June 19), CDK took immediate action by shutting down systems, triggering widespread disruption among its approximately 15,000 dealership clients. CDK’s core product, a suite of software tools known as a dealership management system (DMS), forms the backbone of operations for auto retailers, impacting sales, repairs, and deliveries in an industry that saw over $1.2 trillion in U.S. sales last year. These disruptions come at a critical time, coinciding with end-of-quarter sales efforts.
“It’s just mass chaos at this point,” Diana Lee, the chief executive officer of Constellation, a marketing agency that works with auto dealerships across the U.S., said on Bloomberg Television. “The dealer’s required to actually run a DMS for sales, service, parts, for every single functionality — even stocking a vehicle, you can’t do it without the DMS system. So it is a disaster.”
CDK briefly restored some services last week, only to deactivate them again after a subsequent cyberattack. On Thursday, the company informed dealers their systems are unlikely to be operational for several days.
The demand for tens of millions of dollars follows a recent ransomware attack where hackers initially sought $50 million from a lab services company, causing disruptions in London hospitals. Earlier this year, UnitedHealth Group, the largest medical insurer in the U.S., confirmed paying hackers a $22 million ransom.
While CDK has not identified the perpetrators of the intrusion, the company issued a warning to customers, cautioning them about outside parties attempting to exploit the situation.
“We are aware that bad actors are contacting our customers, posing as members or affiliates of CDK, trying to obtain system access,” the company said. “CDK associates are not contacting customers for access to their environment or systems. Please only respond to known CDK employees and communications.”
Source link : https://www.insideradio.com/free/cyberattack-puts-straitjacket-on-car-dealerships-across-north-america/article_3e8f858e-31e7-11ef-902b-5f66753f63e3.html
Author :
Publish date : 2024-06-24 04:00:00
Copyright for syndicated content belongs to the linked Source.