UPDATE 6/20/2024 5:19 PM EST: CDK Global shut down dealership services for a second time on Thursday, citing another cyberattack. At this time, there is no estimated timeframe for software restoration.

On Wednesday, June 19, thousands of car dealerships around the U.S. endured interrupted business operations. Their software provider, CDK Global, suffered a “cyber incident” that led to a shutdown around 2 a.m. Eastern time.

CDK Global’s website says it services nearly 15,000 dealerships, including OEMs. It offers digital retailing, customer relationship management, fixed operations management, and other solutions. Considering each dealership could have thousands of customer records, a security breach is a big concern.

Wednesday was a holiday, so businesses expected customer traffic to be higher than normal. One receptionist in Philadelphia told Bloomberg that they couldn’t access customer records or even print a repair order. Others resorted to pen-and-paper recordkeeping until the provider restored its services.

Mike Stanton is the president and chief executive of the National Automobile Dealers Association. He said that NADA reached out to CDK Global to better understand the root issue, which remained unclear yesterday. “Dealers are very committed to protecting their customer information,” he told Bloomberg.

CDK Global manually shut down all services to test and consult third-party security experts. Its dealer management system and digital retailing have been restored, but other services remain offline until they are tested and confirmed secured, a CDK Global spokesperson said.

Cybersecurity remains a concern in the automotive industry. The federal government is considering how to handle the possible entry of Chinese EVs into the American market due to the country’s notable ability to mass produce cheaper, more efficient electric cars. Like any other China-based tech and platform, like TikTok, security concerns exist with its new vehicle technology. 

Of course, folks should be aware that any digital platform can have security holes and must work to protect sensitive personal information. We’ve covered how cybersecurity specialists hacked into EV chargers without much effort. In that case, the manufacturer addressed the concerns, but some older chargers without updated equipment could still be at risk.