Large - Scale Supply Chain Hack On Auto Industry

Uploaded on 2024-06-24 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Hackers are claiming responsibility for a cyberattack on CDK Global  software systems that provides software for thousands of car dealerships in the US. 

The Illinois-based company issued an urgent warning Friday 20th June, cautioning people about bad actors posing as employees during phone calls to get credit card details and access to their accounts.

CDK has said it experienced a cyber incident on Wednesday19th June and it is understood they have received a demand for millions of dollars in ransom to restore systems. US auto retailers Sonic Automotive and Penske Automotive also announced that they have been attacked

According to sources, CDK has launched an investigation by experts, notified law enforcement and has begun the restoration process. CDK said restoration will take several days. "...In the interim we are continuing to actively engage with our customers and provide them with alternate ways to conduct business," CDK said in the statement.

It is understood that CDK briefly restored some services for a few hours on June 19th, but was forced to deactivate them following a second cyber attack. 

  • The automaker Ford said that there was an industrywide system outage for dealers who use CDK. "However, many Ford and Lincoln customers are able to receive sales and service support due to alternative processes available to our dealers," they said. 
  • Sonic Automotive said its dealerships were open and it was working to minimise the disruption. The company said it was unable to determine if the outage would affect its financial condition, but that it did have a "negative impact" on its operations.

CDK has warned its customers that that their systems likely will not be available for a number of days. 

CDK Global   |   Reuters   |     Bloomberg   |    USA Today   |    Fortune   |   MSN   |    Yahoo   |     Mail   

Image: Denin Lawley

You Might Also Read: 

Toyota Shut Down Japanese Plants In A Supply Chain Attack:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Leveraging The Benefits Of LLM Securely 
The Psychology Of GenAI Manipulation »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

AtkinsRéalis

AtkinsRéalis

AtkinsRealis is a market-leading design, engineering and project management consultancy operating in fields ranging from infrastructure, through energy and transport to cybersecurity.

American International Group (AIG)

American International Group (AIG)

AIG, is an American multinational insurance corporation. Commercial services include cyber risk insurance.

HID Global

HID Global

HID Global is a trusted leader in products, services and solutions related to the creation, management, and use of secure identities.

CRU Data Security Group (CDSG)

CRU Data Security Group (CDSG)

CRU is a pioneer in devices for data mobility, data security, encryption, and digital investigation.

Cyberia Group

Cyberia Group

Cyberia is a leading Internet and Security services provider with operations in Saudi Arabia, Lebanon and Jordan.

Plixer

Plixer

Plixer delivers a network traffic analytics system used for monitoring, visualization, and reporting of network and security incidents.

Axcient

Axcient

Axcient offers MSPs the most secure backup and disaster recovery technology stack with a proven Business Availability suite.

Nitrokey

Nitrokey

Nitrokey is the world-leading company in open source security hardware. Nitrokey develops IT security hardware for data encryption, key management and user authentication.

Institute for Pervasive Cybersecurity - Boise State University

Institute for Pervasive Cybersecurity - Boise State University

Boise State University’s Institute for Pervasive Cybersecurity is a leader of innovative cybersecurity research and advancement in Idaho and the region.

Tentacle

Tentacle

Tentacle has developed a configurable data management tool that helps organizations to improve their information security programs and overall security posture.

Epoch Concepts

Epoch Concepts

Offering a full line of IT services, solutions, and integration capabilities, Epoch Concepts is the trusted partner of the US military, federal agencies, private enterprises, and systems integrators.

Dion Training Solutions

Dion Training Solutions

Dion Training Solutions offer comprehensive training in areas such as project management, cybersecurity, agile methodologies, and IT service management.

Methods

Methods

Methods is the leading digital transformation partner for the UK public sector. We care deeply about making our public services better and have been doing this for over 28 years.

CMIT Solutions

CMIT Solutions

CMIT Solutions is a recognized leader in Managed IT Services for businesses. We empower businesses like yours by providing innovative technology solutions, managed IT services and cybersecurity.

SSL2BUY

SSL2BUY

SSL2BUY is a leading SSL certificate provider, authorized to sell top CA brands like Comodo, DigiCert, GlobalSign, Thawte, GeoTrust and more.

Cloud Carib

Cloud Carib

Cloud Carib is the premier provider of managed cloud services in the Caribbean and Latin American regions.