News

Car Dealers Warn Investors About Possible Financial Impact of Cyberattack (Bloomberg)

Published

10 months ago

on

The article below originates from the Bloomberg Wire Service. The views and opinions expressed in this story are those of the Bloomberg Wire Service and do not necessarily reflect the official policy or position of NADA.

Some of North America’s largest auto dealers are warning of a potential “material” impact on their finances from a cyberattack that has delayed operations at thousands of stores.

filed disclosures with the U.S. Securities and Exchange Commission on Friday. Group 1 Automotive Inc., AutoNation Inc., Lithia Motors Inc. and Asbury Automotive Group Inc. All six companies use CDK Global, whose so-called dealership management system was disrupted a week ago after a crippling hack.

The disclosures represent the first sign of potential widespread economic impact from the attack on CDK, which serves about 15,000 North American auto dealers. The incident is part of a growing phenomenon in which financially motivated cybercriminals have attacked critical links in the global IT supply chain – the Internet conduits one would least suspect were targets, bringing down entire industries along with them.

Shares of Sonic, Group 1, AutoNation, Lithia and Asbury have all fallen since the hack. Penske shares are up 2.5% since Wednesday as the company previously said its dealerships were not affected.

The incident “has had and will likely continue to have a negative impact,” Sonic said in its regulatory filing. The company has not yet determined whether the CDK outage will have a material effect on its financials. Sonic’s shares have fallen nearly 3% since the hack.

Here’s what other companies are saying about the impact of the attack on their business:

  • Penske said it uses CDK’s software for its Premier Truck Group division — but not for its U.S. or international automotive dealership operations. The truck dealership business represents lower unit volumes than its automotive dealership division, the company said.
  • Group 1 said its “ability to determine the material impact, if any, of the CDK hack and resulting service disruption will ultimately depend on a number of factors, including when and to what extent” it can resume access to CDK systems. Group 1 shares are down 2.5% since Wednesday.
  • AutoNation said the service outage was “disruptive and negatively impacted” its business. All of its locations remain open and continue to sell, service and purchase vehicles. But they are experiencing “lower productivity,” the company said. AutoNation shares have fallen 5.6% since Wednesday.
  • Lithia said it “has not yet determined whether the incident is reasonably likely to materially impact” its finances. The company said its dealerships continue to operate, but noted that the hack had a negative impact on business operations. Shares have fallen 0.4% since the attack.
  • Asbury Automotive said some parts of its business operations are running “slower than normal.” The company’s Koons Automotive sites in Maryland and Virginia do not use CDK’s dealer or relationship management systems, so they are operating with “minimal disruption.” Asbury has not yet determined whether the hack will have a material impact. Shares fell 1.4%.

The intrusion is the work of a hacking gang known as BlackSuit, Bloomberg reported on Monday. The U.S. Department of Health and Human Services recently stated in an alert that BlackSuit should be “watched closely” as a threat, in part due to the gang’s association with other extortion groups. BlackSuit uses malware and attack techniques that are remarkably similar to those of the now-defunct Russian-speaking Conti gang, suggesting to cyber researchers that BlackSuit is partly staffed by experienced Russian hackers.

The hackers demanded tens of millions of dollars in ransom from CDK, which it intends to pay. CDK said over the weekend that it expects restoring its systems to take “several days rather than weeks.”

The group operates as a ransomware-as-a-service gang, in which members rent their technical tools to affiliates and demand a cut of any extortion payments.

CDK provides software that helps dealers manage customer records, schedule appointments, handle auto repair orders, and complete transactions, among other tasks. CDK has not yet restored full service and the outage has forced dealers to stop or delay some services and resort to pen and paper.

(Adds details about the hacker gang in the penultimate paragraph. An earlier version of this story was corrected to reflect a full quote from Lithia’s lawsuit.)

For more stories like this, bookmark www.NADAheadlines.org Bookmark it in the browser of your choice and subscribe to our newsletter here:

SUBSCRIBE

Source

Related Topics:

Leave a Reply

Your email address will not be published. Required fields are marked *

Información básica sobre protección de datos Ver más

  • Responsable: Miguel Mamador.
  • Finalidad:  Moderar los comentarios.
  • Legitimación:  Por consentimiento del interesado.
  • Destinatarios y encargados de tratamiento:  No se ceden o comunican datos a terceros para prestar este servicio. El Titular ha contratado los servicios de alojamiento web a Banahosting que actúa como encargado de tratamiento.
  • Derechos: Acceder, rectificar y suprimir los datos.
  • Información Adicional: Puede consultar la información detallada en la Política de Privacidad.

Trending

Exit mobile version