A Worldwide Wake-Up Call

Last week, automotive software-as-a-service (SaaS) provider CDK Global reported a Data Breach that has had ongoing catastrophic effects on the company, its customers, and consumers. While the event has devastated the dealerships, the story is a worldwide wake-up call for all.

What happened? What are the effects? What can affected companies do NOW? And what can we all do to better protect against attacks like these in the future?

What Happened?

CDK Global, providing financing, payroll, and other critical operational functions to 15,000+ car dealerships worldwide, discovered unauthorized access to its systems. While the event is still under investigation and details are few, the company has confirmed that sensitive data was compromised.

– Immediate and serious effects for CDK Global include:

  • Financial Loss—The stock price has been unstable as investors react. A slowdown in company operations also means loss of income, on top of what many are assuming was a ransom payment.
  • Operational Disruption – Resources are tapped as efforts focus on addressing the breach. The company’s ability to maintain normal operations is hindered.
  • Potential legal consequences – Lawsuits could be pending from affected dealerships and consumers, as well as potential regulatory fines for data protection violations.
  • Reputational damage – As a company that has built a reputation for security and reliability, the CDK Global brand has taken a beating.

– Effects on auto manufacturers and dealerships

This breach has gone beyond CDK to impact dealerships, manufacturers, and consumers. Potential effects include the following:

  • Data exposure—As with past breaches, sensitive customer and operational data, including financial and personal information, could have been compromised.
  • Financial loss – If customer data is compromised, dealerships could lose business or be required to compensate affected customers.
  • Operational disruptions – Many dealerships rely heavily on CDK Global’s software for day-to-day operations. Many resorted to pen and paper to keep business going. Decreased efficiency could also result in decreased customer satisfaction and loss of business.
  • Loss of Trust – Knowing that their information could be vulnerable, buyers may be hesitant to do business with affected dealerships.

What can CDK Global Customers do NOW in the face of the Breach?

Here are a few recommended steps:

  1. Ask CDK Global if you have been affected. (Even if you don’t get clear/satisfactory answers, it is important that you make the effort in case of legal issues down the road.)
  2. Be aware of FTC Regulations – including the FTC Safeguards Rule, which stipulates that companies must notify the FTC within 30 days of an attack.
  3. Be aware of individual state laws around breach notifications.
  4. Establish guidelines on how to protect against any future events. (Include links to CISA and other organizations.)
  5. Develop your PR strategy around transparency and clear communication. Be prepared to answer the tough questions (and make sure the whole team is in sync on the answers!) Be clear about what happened and what customers can do now.
  6. Reach out to state agencies and DMV.
  7. Consider legal counsel.

What Steps MUST We Take NOW to Prevent Similar Cyber Attacks?

As the investigation into the CDK Global breach continues, the automotive industry – along with all sectors – must take proactive steps to prevent similar incidents in the future.

1. Adopt Modern Cybersecurity Methodology: Strong Multi-Factor Authentication (MFA) still tops the list of most official guidelines because the Lack of a Strong MFA is behind most successful cyber-attacks.  But what is Strong MFA? Strong or Truly Phishing-Resistant MFA means NONE of the factors for authentication are shareable. Bad actors have gotten too adept at bypassing traditional MFA, where one or more factors can be compromised through social engineering, phishing emails, password spraying, and other methods. This includes one-time passcodes (OTPs), push notifications, etc., where the authenticating factors must be typed in.*

2. Find and Fix Vulnerabilities: Regularly perform penetration testing, vulnerability scans, system updates, and patches.

3. Employee Training – Ensure that all employees, from dealership staff to executives, are well-versed in cybersecurity best practices and can identify phishing attempts (Bad employee behavior or human error is at the source of most cyber-attacks). *Note, you can remove the #1 threat vector by going passwordless.

4. Network Security—Segment networks, disable unused ports, and limit access to critical resources with least privileged access or the Principle of Least Privilege (PoLP).

5. Backups – Maintain encrypted offline backups

6. Detection & Response – Use EDR or endpoint detection and response tools, monitor network traffic, and update antivirus software.

Cyber threats are evolving, so your cybersecurity defenses must also evolve and modernize—before it’s too late.

By taking a modern approach to cybersecurity, you’ll reduce the risk of a catastrophic attack. With the right tools in place, you’ll also improve user experience and save on costs for your company.

Ask us how, or contact us for a short demo of our Phishing-Resistant MFA + SSO Enterprise solution.