Restored auto dealer services for a select group by CDK
CDK Global Faces Cyberattack, Affecting Major Car Dealers
CDK Global, a leading provider of software and technology solutions for automotive dealerships, has been hit by a cyberattack that has disrupted operations for some of the largest car dealers in North America.
The attack has resulted in disruptions to sales, customer relationship management, parts inventory, and accounting functions for CDK's customers. Some of these dealers, which are publicly traded, have filed disclosures with the Securities and Exchange Commission. Sonic Automotive, Penske Automotive Group, AutoNation, Group 1 Automotive, and Lithia Motors have all made disclosures, with Sonic and Penske filing on Friday, and the others on Monday.
CDK Global commands a large market share, providing more than 15,000 car dealer customers with software across North America. In response to the attack, the company has set up an automated voice message service to provide updates to customers regarding the recovery process. A dealer resource center has also been created to support sales and service efforts during the outage.
CDK Global has successfully brought a small initial test group of dealers live on the dealer management system, and is working to bring additional applications, including customer relationship management and service solutions, live. Some integration points with OEM systems and third-party partners may not be live immediately but will be phased out as quickly as possible.
The cyberattack highlights the potential vulnerabilities of large corporations in the automotive industry. As such, corporate stakeholders are increasingly interested in understanding the risk calculus of their technology stacks, with a particular focus on whether they are potential targets for cyberattacks.
Despite numerous requests for information, CDK has declined to answer questions about its recovery timeline and the nature of the attack. The company has, however, stated that it expects to restore services for all customers by June 30.
As of August 2025, there are no specific publicly available details in the provided search results about the timeline or impact of the cyberattack on CDK Global and its effect on car dealership operations. Further monitoring of official CDK Global statements or cybersecurity news sources is advised to obtain confirmed details on any incident, recovery progress, and operational impact.
The National Automobile Dealers Association counted 16,835 car dealers in the U.S. at the end of 2023, making the impact of this cyberattack significant for a large number of dealerships. The frequency and severity of cyberattacks on corporations are increasing, making it crucial for companies like CDK Global to prioritise cybersecurity measures to protect their systems and the businesses they serve.
- CDK Global's emphasis on cybersecurity could be heightened due to the disruptions caused by the cyberattack, recognizing the need to safeguard its financial and business operations, which are intrinsically linked to technology.
- The ongoing cyberattack on CDK Global, a prominent software and technology solutions provider in the automotive industry, underscores the importance of robust cybersecurity measures within the realm of business and finance.
