Cyber breach Hits Car Dealership Network, Mirrors similar hack

In a devastating blow to one of the biggest economic drivers in the nation, the CDK Global network announced they had been breached on June 19th. Their breach resulted in a shutdown of the network, isolated and hammering the industry. The breach and fallout has some industry experts believing it might take months or years to repair the damage done.

The crisis was first revealed on June 19th. CDK Global, a network for n car dealerships that helps streamline the process for selling everything a car dealership needs, announces they were compromised. To make matters worse, it was not just their primary systems, it was also their back up systems that were impacted. As a result, CDK was forced to shut everything down, resulting in over 15,000 dealership groups off their websites.(1)

This number may seem small, but then you realize that its 15,000 groups with multiple brands and individual dealerships. associated with said groups, with most of this associates having three or four brands under their umbrella. Without even going into the deeper numbers of how many cars of each brand is sold plus the fact many dealers also serve as service centers, you’re looking at an industry that’s been sent back to the dark ages with mountains of paperwork that used to be online. With many customers, 81 percent in a recent survey saying they were looking at buying cars after seeing their online service, it’s a huge loss of revenue. (2)

The scary part is, this is not the first auto dealership related hack, nor is it the first one that dealt with a major part of the economy. A week prior to this hack, in an attack that might have been connected, the Findlay Auto Group, which owns about 33 different companies, was also compromised. They are now being sued by customers in a class action lawsuit over the belief that they did not do enough to protect their customers personally identifiable information. This attack like the CDK Global attack is being investigated by the FBI and cyber security experts. (3)

In regard to the scale and scope of the attack, there are some parallels to another high-profile attack in February, concerning the pharmacy industry. Change Healthcare, a distributor for the various prescription medicine throughout was targeted and forced to shut down their servers. This breach while affecting one company, had in fact started a chain reaction that disrupted many pharmacies throughout the nation. While seemingly innocuous, the mere fact that pharmacies could not only access their network to distribute their products but also were unable to process payments. In the days post breach, they could not fill orders for various prescriptions and were delayed in getting cash to their stores, resulting in a cash crunch and temporary closures of affected pharmacies. Over half of the pharmacies in the country used software connected to this one company.(4)

Looking at the Findlay Auto Group and the litigation that is brewing there, it is obvious that that CDK global or even their affiliates will be subject to a similar lawsuit in the future as this attack might have run afoul of privacy laws in the various states. As it is, it might take months or even years for the damage to be repaired, if at all. This might also set back car buying ion the near future as many are turned away from not only the high prices but also the difficulty in completing the paperwork to buy and register new cars. This breach should be a wake up call for every industry to focus on cybersecurity before something more permanent happens.

About Axis

At Axis Insurance Services, LLC, we’re proud of our reputation in building highly customized insurance solutions for all types of professional service companies and their employees. We believe our diverse product options and outstanding customer service help us earn our clients’ trust and loyalty.

What sets us apart from other insurance brokers is our deep understanding of the market and our ability to tailor coverage options in sync with our clients’ objectives. Professional and Management Liability policies can be a commodity – we only build custom coverage solutions that work.

Celebrating its 25th year anniversary in 2024, Axis Insurance Services, LLC, is proud of our reputation in building highly customized insurance solutions for all types of professional service companies and their employees. We believe our diverse product options and outstanding customer service help us earn our clients’ trust and loyalty.

Formed in 1999, Axis Insurance Services, LLC is a nationwide leader in the professional and management liability insurance industry, developing innovative risk management solutions for today’s evolving businesses. We offer insurance programs to a broad array of professionals and industries, including insurance agents/brokers, attorneys, commercial real estate firms, technology, healthcare/medical, financial institutions, architects/engineers, consulting firms, media, and many others.

In 2014, we launched PLRisk in 2014 and today the two firms provide retail and wholesale coverage solutions for Cyber Liability & Privacy/Network Security, Errors and Omissions, Directors and Officers, Employment Practices Liability, Commercial Crime and Fiduciary coverage.

For more information about our company, please click here.

 

Share this post

Recent Posts

Categories