A pair of cyberattacks in mid-June plunged car dealerships across North America into chaos – and some dealerships in the Tri-Cities were among those affected.
The attacks targeted CDK Global, which provides software to nearly 15,000 car dealers. The software is used to make sales, track repairs and so on.
John Inman, chief executive officer of McCurley dealerships in the Tri-Cities, estimated that about half of the new car dealers in the Tri-Cities area were impacted, including McCurley locations.
The dealerships had to revert to making sales, tracking parts and conducting other day-to-day business using pen and paper instead of the computer.
“It’s not something we’re used to,” Inman said. “Twenty years ago, it wasn’t a big deal. We did it every day. But now we’re used to doing everything (on the computer) so it’s kind of created this conundrum.”
The CDK Global system was hacked around June 19, and Inman said the McCurley locations were back online by July 1. Once the dealerships were restored, work began to input all the transactions and other work that was done offline during the hack.
A CDK Global spokesman told Bloomberg on July 2 that all affected dealers were expected to be restored within the week. The cyberattack was carried out by a group called BlackSuit, which demanded ransom to end the hack, the outlet reported.
The hack is part of a growing trend, according to national reports.
A cyberattack on the Missouri-based Ascension health network in May forced ambulances to be diverted and other disruptions, and a February ransomware attack on Change Healthcare – a subsidiary of the global UnitedHealth Group – caused billing issues at pharmacies across the U.S., among other issues, CNN reported.
Inman said he’s proud of how his team has handled the disruption, and he’s grateful for customers who’ve been patient as they’ve worked through it.
McCurley takes great care to protect its customers and their information, he said, noting that the company years ago enlisted a cybersecurity firm to help on that front.
“We work with a local company called Devfuzion, which has been amazing over the last four or five years in helping us build out an infrastructure to protect our information and our customers’ information. We feel very comfortable that we’ve done what we can,” he said.
As for the software hack, it’s reinforced the need to be prepared, he said.
Should something like this happen again, “we’ll have the infrastructure in place to go, ‘OK, don’t panic, we can use paper and pencils, and this is what we need to do to keep track of everything so we can put it back into the (system) and be more prepared in that way.’ I think that’s probably the lesson learned,” Inman said.