It’s been almost two weeks since the CDK Global cyberattack paralyzed the US automotive industry and many car sales outlets are still limping back to normalcy.

The CDK Global cyberattack has reportedly raked up millions of dollars in losses for dealerships. According to a report by CNN, the cyber automobile, the cyberattack has made it difficult for dealers to track customer interactions, orders and sales.

Background of CDK Global Cyberattack

On June 19, 2024, CDK Global, a provider of software solutions to around 15,000 auto dealerships across the United States, experienced a cyberattack. On June 21, the company disclosed that it experienced twin cyberattacks in the same week.

The cyberattacks, had a profound impact on major clients of CDK Global, including General Motors dealerships, Group 1 Automotive, Asbury Automotive Group, AutoNation, Lithia Motors, Penske, Sonic Automotive and Holman, which operates dealerships across the U.S. These dealerships rely heavily on CDK’s software to manage their daily operations, from sales transactions to inventory management.

CNN reported that due to the outage, some dealers started fulfilling orders with pen and paper. Other services, such as state inspections, repairs and parts deliveries, came to a standstill in some parts of the country.

After the initial attack, CDK Global shut down most of its systems to investigate the incident and restore systems. “We are actively investigating a cyber incident,” the company had said. “Out of an abundance of caution and concern for our customers, we have shut down most of our systems and are working diligently to get everything up and running as quickly as possible.”

How Victim Firms Responded to Cyberattacks

In response to the cyberattacks, Asbury, AutoNation, Lithia Motors, Sonic Automotive, and Group 1 Automotive activated their incident response plans and disconnected from CDK systems as a precaution.

Sonic Automotive mentioned that as of June 24, the extent to which the attackers accessed customer data remains unknown.

Lithia Motors highlighted the ongoing negative impact on its operations, indicating uncertainty over whether the incident will materially affect its financial condition.

Penske Automotive reported that the ransomware attack primarily affected its Premier Truck Group, which sells heavy- and medium-duty trucks across 48 locations in the U.S. and Canada. The company has implemented business continuity plans and continues operations using manual and alternate processes designed for such incidents. Penske noted that the truck dealership business that serves business customers has lower unit volumes compared to automotive dealerships.

Asbury said business operations are functioning but “slower than normal.” It added that the dealerships at Koons Automotive locations in Maryland and Virginia do not use CDK’s Dealer Management System or CDK’s Customer Relationship Management system and therefore continue to operate with minimal interruption, as does Clicklane, their online vehicle purchasing platform. Asbury operates 157 new vehicle dealerships, which includes 206 franchises representing 31 domestic and foreign vehicle brands.

Cyberattack Could Almost Cost a Billion in Losses: Report

An estimate study prepared by the Anderson Economic Group, reported that the cyberattacks on CDK could result in approximately $944 million in direct losses due to business interruptions for affected car dealers if the outage lasts a full three weeks.

In an automated voice message to its clients on Friday, CDK company said it was making progress in bringing some dealerships back online  but it did not expect the issue to be entirely resolved until July.

“We do feel it’s important to share that we do not believe that we will be able to get all dealers live prior to June 30,” the message said.

The CNN report, quoting a CDK spokesperson, said, “We have successfully brought two small groups of dealers and one large publicly traded dealer group live on the Dealer Management System (DMS). We are also actively working to bring live additional applications — including our Customer Relationship Management (CRM) and Service solutions — and our Customer Care channels.

“We understand and share the urgency for our customers to get back to business as usual, and we will continue providing updates as more information is available,” the CDK spokesperson added.