Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

Major cyber attack by BlackSuit ransomware disables CDK Global’s operations

CDK Global, a leading software-as-a-service (SaaS) provider, facilitates car dealerships in managing various operational aspects, including sales, financing, inventory, service, and back-office functions

byKerem Gülen
June 24, 2024
in Cybersecurity

In a recent cyber attack update, CDK Global has been hit hard by the BlackSuit ransomware gang, causing a significant IT outage that has disrupted operations for car dealerships across North America. Multiple sources, who requested anonymity, have confirmed the involvement of the ransomware group, according to Lawrence Abrams of BleepingComputer.

Cyber attack update: CDK is hit by BlackSuit ransomware gang

Bloomberg reported that CDK Global is currently negotiating with the BlackSuit ransomware gang to secure a decryptor and ensure that no stolen data is leaked.

The ongoing negotiations come in the wake of the ransomware attack, which compelled CDK to initially shut down its IT systems and data centers to halt the spread of the attack. Despite attempts to restore services on Wednesday, a second cyber attack by BlackSuit ransomware forced CDK to shut down all its IT systems again, impacting its car dealership platform.

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.

CDK Global, a leading software-as-a-service (SaaS) provider, facilitates car dealerships in managing various operational aspects, including sales, financing, inventory, service, and back-office functions. Currently offline, dealerships are resorting to manual operations with pen and paper.

CDK vs BlackSuit ransomware: Cyber attack update
In a recent cyber attack update, CDK Global has been hit hard by the BlackSuit ransomware gang (Image: Kerem Gülen/Midjourney)

Additionally, two of the largest public car dealership companies, Penske Automotive Group and Sonic Automotive, revealed yesterday that they have also been affected by these outages. CDK continues to provide updates as they strive to resolve the situation promptly.

“Our Premier Truck Group business utilizes CDK’s dealer management system which has been disrupted. We immediately took precautionary containment steps to protect our systems and commenced an investigation of the incident, which efforts are ongoing. Premier Truck Group has implemented its business continuity response plans and continues to operate at all locations through manual or alternate processes developed to respond to such incidents,” Penske stated in an SEC filing.

“As a result, the Company experienced disruptions to its dealer management system (“DMS”) hosted by CDK, which supports critical dealership operations including those supporting sales, inventory and accounting functions and its customer relationship management (“CRM”) system. All of the Company’s dealerships are open and operating utilizing workaround solutions to minimize the disruption caused by this CDK outage,” said Sonic Automotive in the same SEC filing.

CDK also warns that threat actors are calling dealerships posing as CDK agents or affiliates to gain unauthorized systems access.

About BlackSuit ransomware gang

Launched in May 2023, BlackSuit is widely believed to be a rebranding of the Royal ransomware operation, which itself is considered a direct successor to the infamous Conti cybercrime syndicate. Comprising Russian and Eastern European threat actors, this organized gang has been a persistent security concern.

In June 2023, amidst discussions surrounding a potential rebrand, the Royal Ransomware group tested a new encryptor named BlackSuit, which coincided with their attack on the City of Dallas, Texas. Following these events, the Royal name ceased to be used, with the threat actors consolidating their operations under the BlackSuit moniker.

CDK vs BlackSuit ransomware: Cyber attack update
Cyber attack by BlackSuit ransomware forced CDK to shut down all its IT systems (Image: Kerem Gülen/Midjourney)

By November 2023, an advisory issued jointly by the FBI and CISA shed light on the connection between Royal and BlackSuit, noting significant similarities in tactics and coding within their encryptors. This advisory also tied the Royal ransomware gang to attacks on over 350 organizations globally since September 2022, with ransom demands surpassing $275 million.


Cybersecurity challenges faced by university networks


The transition from Royal to BlackSuit marks a strategic move by the cybercriminals to continue their illicit activities under a new guise, maintaining their dangerous presence in the digital world.


Featured image credit: Kerem Gülen/Midjourney

Tags: CDKCybersecurityransomware

Related Posts

Google’s Live Threat Detection is reportedly coming to more Android phones

Google’s Live Threat Detection is reportedly coming to more Android phones

October 23, 2025
Meta’s latest update focuses on protecting older users from scams

Meta’s latest update focuses on protecting older users from scams

October 22, 2025
US judge bans NSO Group from targeting WhatsApp users with Pegasus spyware

US judge bans NSO Group from targeting WhatsApp users with Pegasus spyware

October 21, 2025
AWS outage: A complete list of every site and app that went down

AWS outage: A complete list of every site and app that went down

October 20, 2025
Windows 11’s new security patch is a system-breaking disaster, fix it now

Windows 11’s new security patch is a system-breaking disaster, fix it now

October 20, 2025
Discord confirms support vendor hack exposing user data and government IDs

Discord confirms support vendor hack exposing user data and government IDs

October 20, 2025

LATEST NEWS

OpenAI adds scheduling powers to ChatGPT with new Tasks feature

Instagram adds watch history for Reels on Android and iOS

Huawei: Quad-foldable phone is possible in 2026

Watch: SpaceX launches 84 more Starlink satellites in three Falcon 9 missions over 4 days

Mistral AI takes on Google with enterprise AI Studio

Gemini can now generate full presentations from text or files

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.