Auto Dealers Nationwide Go Back to Pen and Paper After Cyberattacks

Apparently, the pen is mightier—and less prone to hacking—than the software that many auto dealers use.

Ed Morse Honda

Thousands of dealerships throughout the U.S. have turned to good, old-fashioned pen and paper after a series of cyberattacks disabled the computer systems that underpin their sales and service departments this week. The first cyberattack hit CDK Global in the early hours of June 19, prompting the company to shut down its widely-used dealership management system (DMS) and leading to what Automotive News called “chaos throughout the U.S. auto retail segment.” The second cyberattack hit later in the evening of the same day, forcing another shutdown, which led some frustrated dealers to revert to handwritten notes to keep business humming along.

CDK Global said it shut down its DMS “proactively” in an effort to protect the sensitive data of its customers, which includes 15,000 auto dealers in the U.S. and jumps to a total of 30,000 when accounting for truck dealers, per Auto News. CDK Global “dominates its market by a wide margin”, according to analysts, meaning a large portion of American dealers rely on its software services to do business. The DMS that the hackers targeted is used by dealerships to process deals, order and sell replacement parts, and to handle repair orders. The CDK system also provides back-end software for vehicle inventory management, cashier operations, accounting departments, and—everyone’s favorite—the finance and insurance departments of many major dealers.

Rather than let the cyberattacks bring business to a grinding halt for a span of two days, many dealerships scrambled to manually close on sales, order parts, and log service at their repair bays. The solution is to go low-tech for now, then input those sales and work orders once the DMS comes back online, as one Florida dealer tells Auto News. The dealer went on to say, “it’s no different than when a hurricane comes and we’re out of power.” That’s technically true, but I don’t know how many people are shopping for a car or dropping off for service in the middle of a hurricane evacuation. Oh, Florida.

Meanwhile, a dealer in San Antonio, Texas, tells Auto News things have been “rather normal on the service side,” and that when a service manager asked if they should start turning customers away, the answer was “absolutely not.” It seems even a system-wide shutdown cannot prevent dealers from charging arm-twistingly high labor rates. The Texas dealer said that despite the annoyance, it was “rockin’ and rollin’,” scrawling repair orders by hand as techs looked up replacement parts online. (For any BMW dealerships affected, may I suggest RealOEM?)

Some appear to be handling it better than others. The CEO of a major dealer group in Florida that uses CDK Global software at 80 percent of its locations told Auto News, “People these days seem to have forgotten how to use a pencil…We can still take the customer’s information; we can still write down their concerns. We can still take a piece of paper and walk it over to the technician and get the job done.”

For its part, CDK Global says that it’s taking the necessary steps to fully recover from the suspected cyberattacks, starting by assessing the impact with the help of third-party experts. It’s also providing updates to its affected customers, though that could be of little relief to dealers. The full fallout of the cyberattacks is unclear beyond the DMS shutdown and any business lost due to the suspension. It’s also still unclear how the hackers breached the widely-used DMS in the first place, but until CDK can restore functionality and patch up the security of its software, many U.S. dealers have little choice but to keep it old-school.

Got tips? Send ’em to