Dude, where’s my car?

If you’re among the many thousands of Americans who bought a car in the past week, odds are you didn’t have the easiest time.

Somewhere around June 18^th CDK Global, a corporation that provides data and technology for a number of automotive and automotive adjacent industries was hit by a ransomware attack that affected nearly 15,000 car dealerships in North America. So, what exactly did the cybersecurity event effect? For one thing dealerships were unable to access the critical sales and financing systems they needed to sell their vehicles.

Yikes, not remotely ideal, especially since automotive industry sales were up recently, with some statistics suggesting there were as many as 1.4 million cars sold in May, up 8.8% since April, and a 5.0% year over year increase. A hiccup of this magnitude was definitely not welcome, especially with a major holiday around the corner. To their credit most dealerships got out the pens and paper and did their sales the old-fashioned way.

One dealership owner told Reuters he had sold as many as 100 cars in the past week despite the cyber hardship being experienced, however, CDK’s system is what is used to generate the paperwork needed to formally handover those cars to paying customers. What’s the legal liability like in a situation like that? I suspect at least a handful of people may have found out in the past week.

The group behind the attack is an Eastern European group called BlackSuit, and I can’t say I’d heard of them before, but you can bet you’ll be hearing from them again. CDK is said to be paying the ransom numbering in the tens of millions of dollars. The next several days will be spent getting systems back online at the affected dealerships.

So, if you’re in the market to get a car during a holiday sale sometime next week during the Fourth of July, make sure to kick the tires figuratively while you’re there.

Maybe actually kick the tires depending on the dealership.