(Reuters) - CDK Global (NASDAQ:CDK) said on Monday it anticipates all dealers to be live on its dealer management system (DMS) by late July 3 or early morning on July 4, about two weeks after a cyberattack-led outage upended operations across car dealerships in the U.S.
CDK's software is commonly used by dealers to integrate operational aspects such processing sales and transactions. Multiple dealers have flagged a potential hit from the outage.
The market for automotive dealer management system is somewhat of a duopoly between CDK and Reynolds and Reynolds, according to a recent client note by J.P. Morgan analyst Rajat Gupta.
WHAT HAPPENED
CDK Global on June 19 briefly shut down all its systems as it investigated a cyber incident, triggering a knock-on effect across the industry. It expects operations to be restored soon. CDK said its customer care channels have been restored and it was "actively working" to bring other applications live.
The company last week said it brought two small groups and one large publicly traded group of auto retailer live on its system as part of a phased approach.
WHY CDK IS IMPORTANT
CDK's DMS is responsible for streamlining operations at about 15,000 auto dealerships in the U.S. Dealership managers use the software to track store profitability, complete deals, monitor employee compensation and inventory levels.
WHAT HAS BEEN THE IMPACT
Dealers have moved back to traditional pen and paper format to conduct operations, as per local media reports.
The outage has impacted about half of Volkswagen (ETR:VOWG_p) dealers and around 60% of Audi's dealers, Reuters reported on Tuesday.Car retailers such as AutoNation (NYSE:AN), Sonic Automotive (NYSE:SAH) and dealership groups such as Lithia Motors (NYSE:LAD) and Asbury (NYSE:ABG) Automotive have also flagged disruptions.
New vehicle sales in the U.S. are projected to fall in June from a year ago, hurt by the cyberattack, according to a joint report by industry consultants J.D. Power and GlobalData on Wednesday.
Still, analysts have said the attack presents more of an inconvenience for dealerships and consumers as opposed to a significant business impediment.
WHO WAS BEHIND THE HACK
Analysts attributed the hack to a group called BlackSuit. Not much is known about the group, but it emerged in May 2023. Analysts said it is a relatively new cybercriminal team spun off of an older and well-known Russia-linked hacking group named RoyalLocker.