CDK Global Security Breach Impacts Thousands of Dealerships

CDK Global Breach Impacts Thousands of Dealerships

Late last evening, June 19th, CDK Global suffered their second system breach in two days. CDK Global is a Software-as-a-Service (SaaS) platform that provides a full suite of software solutions for car dealership’s operations from service and support to sales and finance.  

CDK was alerted of their first breach Tuesday night which caused them to shut down their systems. After beginning to restore services, they were hit with another attack, forcing them to shut down their systems for a second time yesterday evening.  
Please find below a brief summary and the essential steps we took to ensure you are secure.


The disruption has forced the 15,000 car dealerships it serves offline. CDK is working with third-party experts to restore its systems. 
CDK’s software integrates deeply with client networks, often running directly on user machines and requiring dedicated network equipment for communication. This tight coupling creates a potential attack surface for ransomware aimed at CDK to spill over and impact client systems. 
The severity of this risk for individual businesses depends on the extent of CDK’s control within their environment. Businesses with high levels of access granted to CDK software and deeper system integration face a greater potential for disruption. 

Are You Affected? 

To determine if you’re impacted, check with your IT department or review your software inventory for any CDK products.  

  • Verify with your IT department if your business utilizes CDK software.
  • Discuss with your IT team the security controls they have implemented to mitigate potential risks associated with the CDK vulnerability.
  • If CDK is critical for your operations, explore alternative solutions or workarounds to minimize disruption if necessary. 

Catalyst IT monitors your business 24/7/365 with an all-encompassing team of experts taking the necessary steps to stop any vulnerabilities in their tracks. If your IT department was not aware of the breach or could not robustly sever the ties that posed risks, consider giving Catalyst IT a call. 

Catalyst IT’s Proactive Steps 

Here are some of the ways Catalyst IT has prevented any threats or risks from infiltrating our clients’ systems that utilize the CDK platform. 

  • We proactively severed the connection between CDK and our clients when notified about the attack. Our clients can still work and access the internet, but there is no open connection with CDK while they are offline.
  • We will not reactivate any CDK services until we are positive the issues have been resolved. 
  • We terminated CDK through our application controls and shut down their associated applications from running within our customers’ environments. 
  • Our clients are continually being monitored for suspicious activity and for any threats throughout this process.

Reach out for more information 

Interested in the peace-of-mind our team of proactive experts can provide? Contact us here with any questions or call (877) 843-9611.