Skip to main content
data

CDK Global Data Breach Investigation

Written by Joseph Lyon on . Posted in Data Breach.

The Lyon Firm is investigating reports of a ransomware attack that has impacted numerous entities linked to CDK Global, an automotive software outfit that has connections to AutoNation, Asbury Automotive, Penske Automotive, and thousands of auto dealerships around the country. Contact our data breach lawyers to learn more about the data security incident and to discuss how to protect yourself following any data theft event.

What Happened at CDK Global?

CDK Global has confirmed allegations that the company was the victim in a recent ransomware-style cyberattack. The automotive software company is still investigating, and more details will emerge in the coming weeks. We do know, however, that the breach could have exposed the confidential information of a huge number of consumers. At the time of writing, there is no evidence that consumer or employee information was in the hands of criminals, but if that is the determination, the company will begin to send out data breach notification letters to all impacted individuals.

According to a recent report, the data extortionist behind the attack is holding the trove of data for ransom, and is asking for millions of dollars. It is unclear if the company will cave to the demands, but if you do receive a notification letter from CDK Global, it is important to understand what is at risk in the matter of your personal security. Anyone who has data leaked online is at increased risk of fraud and identity theft.

According to sources, CDK became aware that they were breached on June 18, 2024, leading to the abrupt shutdown of its data centers and IT systems. This was an attempt to protect the consumer and employee information on file. Two of the largest car dealership companies, Penske and Sonic Automotive, said they were impacted by the outages.

BlackSuit is thought to be a rebrand of the disbanded Royal ransomware operation, an organized cybercrime gang comprised of Russian and Eastern European threat actors. Experts have linked the Royal ransomware gang to cyberattacks on at least 350 organizations worldwide since 2022.

car dealer lot

What is CDK Global?

CDK Global is a Customer Relationship Management (CRM) Software company operating out of Illinois. The company provides information technology and digital marketing solutions primarily to the automotive industry. CDK software is used by almost 15,000 auto dealerships, including AutoNation, General Motors, Group 1 Automotive, Holman, Asbury Automotive and Penske Automotive.

As auto dealerships across the country face the fallout and major disruption from the cyberattack, BlackSuit is reportedly demanding a $10 million ransom payment. There are rumors that the software provider is considering paying the ransom to expedite the recovery process.

Apparently, just as CDK was struggling to recover from the ransomware attack, it was hit by another data security incident. The San Jose, California-based CDK says it is working with third-party experts, but has been mum on the details of the exact sensitive situation behind the scenes.

Thousands of nationwide auto retailers rely on the CDK Dealer Management System (DMS) software to close deals, provide financing to customers, track company financials, and monitor employee pay schedules. AutoNation, for one, admitted the outage was very disruptive and had certainly impacted its business.

Call The Lyon Firm to learn more about the incident and to discuss taking legal action. We are involved in numerous class action data breach lawsuits, and we represent clients in all fifty states.