CDK, a software provider for automobile dealerships, reportedly suffered a second cyberattack while trying to recover from the first.
As a result of this follow-on attack, the company was forced to disconnect most of its services and now says it does not know how long it will take to restore the system.
Meanwhile, many major auto dealerships in the United States have been paralyzed and unable to sell or service vehicles properly. They operate manually, with pencil and paper, and can only work on basic things.
No deadline
CDK Global recently reported suffering a cyberattack that forced it to shut down parts of its infrastructure. Less than 24 hours later, it began bringing some services back online, including CDK phones, DMS and digital retail services. Unify and DMS logins also became available shortly after.
However, it seems that the company got a little ahead of itself, as restoring services resulted in a secondary attack:
“We regret to inform you that we experienced an additional cyber incident late in the afternoon of June 19,” reads a CDK notification seen by beepcomputer.
“Out of continued caution and to protect our customers, we are once again proactively shutting down the majority of our systems. We are currently assessing the overall impact and consulting with third-party experts.” While the company at the time intended to restore its systems by Friday, it later said it did not have an ETA:
“At this time, we do not have an estimated time frame for resolution and therefore our dealer systems will likely not be available for several days,” the company said.
There is currently no indication that this was a ransomware attack or that any data was stolen. However, given the disruption caused, it is very possible.
