Update:
- CDK Global said “substantially all” of the nearly 15,000 car dealerships affected by a recent cyberattack against the software provider are back online, reports CNN.
- The June 2 update came nearly two weeks after a cyberattack caused a blackout for software used by the car dealerships.
- CDK said at the time that it was still working to bring other applications back online.
- The cyber attack was conducted by a hacking group believed to be from eastern Europe.
- The group reportedly demanded tens of millions of dollars in ransom from CDK.
- A former employee at a California car dealership filed a class action lawsuit against CDK in the wake of the incident.
- The former employee’s class action argued CDK failed to properly safeguard personal information it had stored in its network.
Auto dealers data breach overview:
- Who: Auto dealerships around the country have been affected by a hacking incident involving software company CDK Global, which provides cloud-based software to more than 15,000 auto dealers across the United States
- Why: CDK took its systems offline following a cyberattack conducted by a hacking group believed to be from eastern Europe.
- Where: The data breach affects auto dealers nationwide.
(July 1, 2024)
A hacking incident involving software company CDK Global reportedly caused an ongoing system shutdown for 15,000 auto dealers across the United States.
The hacking group behind the cyberattack is believed to be from eastern Europe, according to Bloomberg, which reported the group demanded tens of millions of dollars in ransom from CDK, which provides software to U.S. car dealerships, USA Today reports.
CDK reportedly intends to pay the ransom demand, according to Bloomberg’s report, which says the company’s discussions are subject to change.
The incident reportedly affected software management tools, while CDK reportedly initiated the system shutdowns out of “an abundance of caution” for its customers, according to USA Today.
CDK Global took systems back offline following additional cyberattack
In a letter sent to its customers, CDK reportedly says it initially restored its systems following the attack but chose to take them back offline in the wake of an additional cyberattack.
“Out of continued caution and to protect our customers, we are once again proactively shutting down most of our systems,” the letter says, as reported by USA Today.
There is no estimated time frame for how long the auto dealers’ systems will be shut down.
Auto dealers in Detroit, Michigan, meanwhile, responded to the system shutdown by using paper sales records, according to the Detroit Free Press, as reported by USA Today.
Last month, Nissan North America disclosed it suffered a data breach ,which the automaker says exposed the personal information of more than 53,000 of its current and former employees.
Nissan attributed the data breach to a targeted cyberattack on its external VPN that it says was conducted by an external threat actor who intentionally shut down certain of its systems prior to demanding a ransom.
Are you affected by the auto dealers data breach? Let us know in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
NEC lawsuit: Families take action against Enfamil and Similac baby formula makers
September 10, 2025 | Legal News
24 thoughts onMost auto dealerships back online following CDK cyberattack, company says
Please add me. I work at and bought a vehicle at the dealership
Please add me. I tried to purchase a car for my son and was denied only to find out my information was spread out to 7 different lenders causing hard inquiries on my credit report. Plus when I rceived thos letters derogatory remarks were mentioned on my name. I explained to the dealership that I did not authorize you to run my name 7 times. The dealership ignored my attempts.