Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

Major cyber attack by BlackSuit ransomware disables CDK Global’s operations

CDK Global, a leading software-as-a-service (SaaS) provider, facilitates car dealerships in managing various operational aspects, including sales, financing, inventory, service, and back-office functions

byKerem Gülen
June 24, 2024
in Cybersecurity

In a recent cyber attack update, CDK Global has been hit hard by the BlackSuit ransomware gang, causing a significant IT outage that has disrupted operations for car dealerships across North America. Multiple sources, who requested anonymity, have confirmed the involvement of the ransomware group, according to Lawrence Abrams of BleepingComputer.

Cyber attack update: CDK is hit by BlackSuit ransomware gang

Bloomberg reported that CDK Global is currently negotiating with the BlackSuit ransomware gang to secure a decryptor and ensure that no stolen data is leaked.

The ongoing negotiations come in the wake of the ransomware attack, which compelled CDK to initially shut down its IT systems and data centers to halt the spread of the attack. Despite attempts to restore services on Wednesday, a second cyber attack by BlackSuit ransomware forced CDK to shut down all its IT systems again, impacting its car dealership platform.

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.

CDK Global, a leading software-as-a-service (SaaS) provider, facilitates car dealerships in managing various operational aspects, including sales, financing, inventory, service, and back-office functions. Currently offline, dealerships are resorting to manual operations with pen and paper.

CDK vs BlackSuit ransomware: Cyber attack update
In a recent cyber attack update, CDK Global has been hit hard by the BlackSuit ransomware gang (Image: Kerem Gülen/Midjourney)

Additionally, two of the largest public car dealership companies, Penske Automotive Group and Sonic Automotive, revealed yesterday that they have also been affected by these outages. CDK continues to provide updates as they strive to resolve the situation promptly.

“Our Premier Truck Group business utilizes CDK’s dealer management system which has been disrupted. We immediately took precautionary containment steps to protect our systems and commenced an investigation of the incident, which efforts are ongoing. Premier Truck Group has implemented its business continuity response plans and continues to operate at all locations through manual or alternate processes developed to respond to such incidents,” Penske stated in an SEC filing.

“As a result, the Company experienced disruptions to its dealer management system (“DMS”) hosted by CDK, which supports critical dealership operations including those supporting sales, inventory and accounting functions and its customer relationship management (“CRM”) system. All of the Company’s dealerships are open and operating utilizing workaround solutions to minimize the disruption caused by this CDK outage,” said Sonic Automotive in the same SEC filing.

CDK also warns that threat actors are calling dealerships posing as CDK agents or affiliates to gain unauthorized systems access.

About BlackSuit ransomware gang

Launched in May 2023, BlackSuit is widely believed to be a rebranding of the Royal ransomware operation, which itself is considered a direct successor to the infamous Conti cybercrime syndicate. Comprising Russian and Eastern European threat actors, this organized gang has been a persistent security concern.

In June 2023, amidst discussions surrounding a potential rebrand, the Royal Ransomware group tested a new encryptor named BlackSuit, which coincided with their attack on the City of Dallas, Texas. Following these events, the Royal name ceased to be used, with the threat actors consolidating their operations under the BlackSuit moniker.

CDK vs BlackSuit ransomware: Cyber attack update
Cyber attack by BlackSuit ransomware forced CDK to shut down all its IT systems (Image: Kerem Gülen/Midjourney)

By November 2023, an advisory issued jointly by the FBI and CISA shed light on the connection between Royal and BlackSuit, noting significant similarities in tactics and coding within their encryptors. This advisory also tied the Royal ransomware gang to attacks on over 350 organizations globally since September 2022, with ransom demands surpassing $275 million.


Cybersecurity challenges faced by university networks


The transition from Royal to BlackSuit marks a strategic move by the cybercriminals to continue their illicit activities under a new guise, maintaining their dangerous presence in the digital world.


Featured image credit: Kerem Gülen/Midjourney

Tags: CDKCybersecurityransomware

Related Posts

Free and effective anti-robocall tools are now available

Free and effective anti-robocall tools are now available

October 3, 2025
WestJet cyberattack: 1.2m passengers’ data stolen

WestJet cyberattack: 1.2m passengers’ data stolen

October 2, 2025
Wiz: AI vibe coding leads to insecure authentication

Wiz: AI vibe coding leads to insecure authentication

September 29, 2025
DHS uses AI to detect AI-generated child abuse material

DHS uses AI to detect AI-generated child abuse material

September 29, 2025
Salesforce Agentforce hit by Noma “ForcedLeak” exploit

Salesforce Agentforce hit by Noma “ForcedLeak” exploit

September 26, 2025
Co-op Group reports £75m loss after April cyber-attack

Co-op Group reports £75m loss after April cyber-attack

September 25, 2025

LATEST NEWS

ChatGPT reportedly reduces reliance on Reddit as a data source

Perplexity makes Comet AI browser free, launches background assistant and Chess.com partnership

Light-powered chip makes AI computation 100 times more efficient

Free and effective anti-robocall tools are now available

Choosing the right Web3 server: OVHcloud options for startups to enterprises

Z.AI GLM-4.6 boosts context window to 200K tokens

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.