CDK Outage: Impacts and Insights

Have you tried to buy a car or get one serviced this past week, or have you ever driven past or visited a car lot? It reminds me of visiting the abandoned Tri-County Mall. You can’t find anyone at car dealerships because the automotive retail industry faced a significant disruption due to a CDK Global outage. CDK Global, the primary provider of software technology solutions to the automotive sector, experienced multiple cyber-attacks that affected thousands of dealerships and completely stopped all operations.

What Happened with the CDK Outage?

The outage, which began on June 19, was caused by what has been discussed online as a Ransomware attack. Out of an abundance of caution, the CDK outage took all of its systems offline to start to restore their systems. Because of this disruption, several critical services provided by CDK, including dealership management systems, service scheduling, and inventory management tools, have been unavailable. Thus, you cannot purchase or get a car serviced in over 15,000 dealerships nationwide.

CDK Outage Impact on Dealerships

The immediate effects of the outage were felt across the automotive retail sector:

• Operational Delays: Dealerships experienced significant delays in processing sales, managing inventory, and scheduling services, which affected customer satisfaction.
• Financial Losses: Many dealerships suffered financial losses due to their inability to conduct regular business operations. According to Commerce Department estimates, car dealerships processed $122 billion in automotive sales and service transactions last month, which accounted for 15% to 17% of all retail sales in May.
• Data Accessibility: Access to crucial data for decision-making and customer interactions was severely hampered.

Response and Mitigation

CDK Global promptly acknowledged the issue and mobilized its technical teams to address the root cause. They communicated regularly with affected clients, providing updates on the status of the recovery efforts. Meanwhile, dealerships had to rely on contingency plans to manage day-to-day operations.

Lessons Learned from the CDK Outage

This incident underscores the importance of robust disaster recovery and business continuity plans. Here are some key takeaways:

• Redundant Systems: Implementing redundant systems and backups can minimize downtime during such outages.
• Regular Updates: Keeping all software and systems up-to-date can prevent technical issues.
• Clear Communication: During service disruptions, timely and transparent communication with stakeholders is crucial.

Moving Forward from CDK Outage

As the automotive industry demonstrates, our economy is reliant on digital solutions. We are responsible for ensuring we do everything necessary to prevent issues like this that cause mass outages to major sectors of our economy.

Businesses in all sectors must work closely with their internal IT departments to develop and maintain robust IT infrastructure and emergency response strategies. If you would like to test your IT systems or perform a tabletop exercise, please get in touch with us so we can discuss the process with you over the phone.

Tanner Security Consulting Services

Tanner Security is a trusted leader in IT security consulting, dedicated to protecting businesses from the ever-evolving cyber threat landscape. With over two decades of experience, we offer a full range of security solutions tailored to the unique needs of organizations across various industries. Our expertise spans IT Risk Assessments, Compliance Audits (PCI, ISO 27001, HIPAA, CMMC), Penetration Testing (web applications and networks), Policy Authoring, Virtual CIO Consulting, Network Vulnerability Assessments, SIEM Services, and Configuration Reviews.

We work closely with businesses to identify weaknesses, implement effective security controls, and maintain compliance with industry best practices, ensuring their digital infrastructure remains protected against ever-growing cyber threats.

At Tanner Security, cybersecurity is not just about meeting compliance requirements but creating a proactive, resilient security program capable of adapting to new risks. Our CMMC audit preparation services help businesses achieve the cybersecurity maturity levels required for government contracts, ensuring they meet all security controls.

Our expertise in cloud security, internal network assessments, and customized security strategies also allows organizations to develop comprehensive risk management approaches that align with their business goals. We collaborate with clients to design and implement scalable security solutions that address immediate concerns and support long-term security and compliance objectives.

Our hands-on, consultative approach and unwavering commitment to delivering practical, results-driven security strategies set Tanner Security apart. Whether your organization needs a one-time security assessment or ongoing cybersecurity support, our team of seasoned professionals provides actionable insights that help safeguard your systems, data, and reputation.

We prioritize clear communication and tailored solutions, ensuring our clients receive expert guidance that enhances their overall security posture. By partnering with Tanner Security, businesses gain a dedicated cybersecurity ally, empowering them to stay ahead of cyber threats while maintaining compliance, operational efficiency, and long-term resilience.