OKLAHOMA CITY – A cyberattack brought more than 15,000 car dealerships across the country to a near standstill.
The attack has caused a lot of problems for everyone who needs to get work done. Could it cause even more headaches once systems are back online?
One expert believes so. We’re told CDK Global has regained control of about 60% of their systems and it shouldn’t be long before they get everything back.
However, the concern now is whether and what information the hackers were able to collect.
“Many merchants across the United States, about 15,000 to be exact according to CDK, were affected because they use the software platform,” said Cliff Steinhauer, director of information security and engagement at the National Cybersecurity Alliance.
The cyberattack affected car dealerships across the country and potentially thousands of their customers.
“It has a huge impact on their customers, on the dealers themselves, and it also impacts third parties, you know, suppliers, parts suppliers, auto repair shops and everything else of that nature,” Steinhauer said.
Steinhauer says that such cyber attacks have become more frequent recently.
“Attackers often target larger companies because they have more resources and money that they can extort using a tactic called ransomware,” Steinhauer said.
This attack has two aspects, he says: a service aspect that means dealers cannot continue their operations, and a personnel aspect that worries him.
“The other aspect is your private data that is stored by all these merchants in this larger system,” Steinhauer said. “So that’s another big part that worries me a little bit more: Whose data do they have?”
He says people don’t need to panic, they just need to be alert.
“You should be cautious of incoming messages, phone calls, text messages, emails, anything that is designed to get you to take action and create a false sense of urgency,” Steinhauer said. “Because attackers will use that news and the publicity of this breach to try to trick people into further social engineering actions.”
Steinhauer adds that if you receive a call or message from a merchant claiming you were affected by the breach, you should hang up and call the merchant directly to find out if this is true or not.
