HQ/EMEAFind out how we can help your business
CDK Global said its dealer management system (DMS), which suffered a large IT outage caused by a ransomware attack last month, will be back online by Thursday for all vehicle dealerships.
Moreover, the company is also attempting to restore access to other affected applications, such as ONE-EIGHTY, Customer Relationship Management (CRM), and Service Solutions.
The announcement stated that the company is continuing its staged restoration approach and is quickly restoring dealers’ operations on the Dealer Management System (DMS). Additionally, the company believes all dealer connections will be operational this week by Wednesday (July 3) or early Thursday morning (July 4).
The recent incident has caused significant disruption as software-as-a-service (SaaS) is employed by over 15,000 vehicle dealerships in North America. This platform has become essential for various companies as it offers services such as managing operations, which include sales, financing, inventory, service, and back-office tasks.
The widespread outage caused by last month’s ransomware attack prompted CDK to use its dealer management system to shut down its IT systems, data centres, and car dealerships. This implication of the outage also forced the company to revert to pen-and-paper transactions, and the buyers could not purchase cars or receive service for previously purchased vehicles.
However, the problem worsened after CDK experienced a second hack while addressing the initial attack. The second attack forced the company to shut down all IT and login systems to isolate the intrusion.
Furthermore, CDK warned relevant parties a couple of weeks ago about the threat actors’ effort to fake dealerships and impersonate CDK affiliates or representatives to acquire illegal access to their systems.
The BlackSuit ransomware gang is the primary suspect in the attack on CDK Global.
CDK Global has yet to clarify who was responsible for last month’s breach, but researchers suspect that the incident was the BlackSuit ransomware gang’s campaign. This assumption could be viable as the group is notorious for targeting IT systems that disrupt company operations.
Also, other researchers believe that the corporation is in the middle of negotiating with the ransomware organisation to acquire a decryptor and prevent data exposure.
The announcement of the return of CDK’s DMS could indicate that the company has already resolved the situation. Still, potentially affected individuals should remain cautious since the company has yet to admit that the ransomware attack has been fully addressed.
