Hack targeting CDK is first time car dealers have been affected nationwide, Chicago experts say
CHICAGO (CBS) -- A trip to the car dealership might take a little longer than normal in Chicago these days—as one third of the city's roughly 400 new car dealers are using pen and paper to complete deals.
The reason is the software company they use for such transactions has been the victim of a cyber ransomware attack.
CDK Global told its car dealership clients that software tools powering their operations likely will not be fully functional for the remainder of the month after the company was hacked—causing a systemwide outage.
"This is the first for us," said car dealership general manager Katie Walls, "so this is uncharted territory."
The roadblock to normalcy is uncertain for some 15,000 car dealers trying to navigate a ransomware attack on the software company on which they rely.
"We don't know exactly what's been compromised yet until CDK lets the dealers know," said Mark Bilek, senior director of membership and dealer relations for the Chicago Automobile Trade Association.
CDK Global, based in Hoffman Estates, is one of the largest software companies used by car dealers. Everything from sales to parts and service runs through the technology.
"This is the first time dealers have really been affected nationwide," Bilek said.
Bilek said with CDK's system under attack, dealers are getting creative.
"What they are doing is reverting back to paper forms and wet signatures, and getting the deals done that way," said Bilek.
Yossi Levi was a car dealer for over a decade and is now known online as "the car dealership guy." He created and runs an automotive media brand.
"These hackers knew what they were doing. They went after a whale," said Levi, "Consumers who are also dealing with the disruptions—whether they can't buy, can't sell, can't get their vehicle serviced. It's been extremely disruptive. This is that black swan that no one could have expected in automotive."
CDK Global said it has already started regaining some control of its systems—but it is a slow process to get everything back up and running.
Late Tuesday, it was unclear how much personal and sensitive consumer data is at risk with the breach.
Clients and customers are advised to call their dealers before going in to make sure they will be able to do business.