On July 15, 2024, one of the largest car dealership companies in the US, AutoNation, warned that “earnings per share for the quarter ended June 30, 2024, will be negatively impacted by approximately $1.50 per share” following the report of an alleged ransomware attack against a critical third-party software provider CDK Global, which provides software solutions for thousands of car dealerships. [1] This figure, calculated for the second quarterly earnings report for 2024, results from the estimated loss of income for the period between June 19 and June 30. In the report to the Securities and Exchange Commission, the company states “the full scope, nature, and impact of the incident is yet to be known.”
CDK Global provides software for over 15,000 car dealerships, integrating sales, financing, inventory management and more through its software services. [2] On June 19, 2024, the company was hit by an alleged ransomware attack conducted by the threat actor BlackSuit. On July 11, 2024, CNN reported that CDK Global allegedly paid a $25 million ransom in Bitcoin to a cryptocurrency wallet controlled by the BlackSuit ransomware gang. [3]
AutoNation stated following the hack on the third party, “We expect to complete the restoration of all such systems and integrations prior to the end of July 2024.” The company notes that “Certain ancillary systems and integrations, such as those that help automate ordering, scheduling, payment, and reporting processes, remain unavailable or limited certain” however that the limited availability of these systems “is not expected to have, a material impact on our business”. [1]
Black Room Intelligence provides comprehensive Third-Party monitoring of your Supply Chain monitoring against data breaches and potential attacks. With a quick and simple onboarding process, your entire supply chain could be monitored within hours, providing immediate peace of mind and assurance.
1. Securities and Exchange Commission. "AutoNation Form 8-K." July 15, 2024. https://www.sec.gov/Archives/edgar/data/350698/000035069824000085/an-20240715.htm
2. The Record. "AutoNation says CDK ransomware incident cut into quarterly earnings." July 15, 2024. https://therecord.media/autonation-earnings-cdk-global-ransomware-attack
3. CNN Business. "CDK Global allegedly paid $25 million ransom following ransomware attack." July 11, 2024. https://edition.cnn.com/2024/07/11/business/cdk-hack-ransom-tweny-five-million-dollars/index.html
Registered in England and Wales (number 14885394) whose registered office is at 20-22 Wenlock Road, London, N1 7GU.
Address: 20-22 Wenlock Road, London, N1 7GU
Email: contact@blackroomintelligence.comPhone: +44 (0) 208 058 2971Linkedin: linkedin.com/black-room-intel.png)
.png)
