In June 2024, a cyberattack on CDK Global disrupted dealership operations across the country. Offline dealership management systems (DMS) left thousands of businesses unable to access critical customer and inventory data. The revelation of how deeply integrated these systems are in day-to-day operations sparked broader conversations about technology risk and operational resilience in the industry.
Today, most systems are back online, but the road to full recovery continues. While the core technology issues have been resolved, many dealerships are still navigating the operational, legal, and strategic fallout. For those still assessing damage—or contemplating changes—we offer a practical overview of where the industry stands and what actions decision-makers might consider.
System Changes
The CDK outage prompted many dealerships to question whether they should continue with the same provider. Some are evaluating alternative systems, while others have begun transitioning to new platforms. A system change, however, is a complex decision that must be carefully evaluated.
Start by defining what your team needs from its DMS. What daily reports and tasks are essential? Can the new system provide those functions? If not, do you have a temporary manual process to fill the gap? Are you making the change in order to improve other operational struggles or solely based on the cyber incident? Answer these questions before making a switch.
Other important factors:
- Ease of Use: A new platform should be intuitive and improve workflow, not add complexity.
- Implementation Support: The provider must have the resources to guide your team through data migration, setup, and training, as well as adequate ongoing support through the first year.
- Peer Insight: Talk to other dealership owners, managers, and advisors. Many have either gone through a system change recently or are supporting others who have.
- Contract Terms: Understand historical data retention and system access terms if you leave your current provider, as well as any legal implications from early termination of service agreements.
- Timing and Resources: Choose a time for implementation that minimizes disruption to operations and financial reporting. Assign enough internal resources to the project to ensure a smooth transition.
Keep in mind, all systems have some level of vulnerability and could have similar issues as CDK. Making a system switch is ultimately about ensuring your business has the right tools and support to operate securely and efficiently.
Insurance Claims
Another lingering issue for many dealerships is the financial impact of the outage—and how it’s being addressed through insurance. Some businesses have filed claims related to lost income, while others are seeking reimbursement for additional costs incurred to restore operations. This is proving to be a lengthy process with many still awaiting audit results and determinations.
In general, claims related to direct expenses—such as hiring temporary staff or paying for manual processing—tend to be stronger because they can be documented clearly. Conversely, claims for lost revenue may require professional assessments or outside assistance to quantify, which can be costly and may not result in approval if the evidence isn’t strong enough.
Moving forward, dealerships should:
- Revisit their insurance coverage regularly to confirm that it includes cyber-related disruptions and adequate coverage limits.
- Ensure that leadership and administrative staff understand the types of documentation needed to support any future claims.
- Consider keeping a manual checklist or quick-reference guide for what to do immediately after an incident to preserve evidence and strengthen any claims filed.
Operational Resilience
Even as systems return to normal, the cyberattack serves as a reminder that no business is immune to digital risk. The industry is now facing renewed pressure to implement stronger protections and develop backup plans that account for both digital and manual operations.
Practical steps include:
- Manual Process Training: Make sure employees—including younger team members—know how to keep operations running if systems go offline. This might include handwritten deal jackets, manual inventory tracking, and paper-based appointment logs.
- Insurance and Claims Awareness: Keep up-to-date on your coverage and prepare staff to respond quickly and accurately if a similar disruption occurs.
- Cybersecurity Protocols: Establish internal procedures and set expectations with vendors for protecting sensitive data, including employee training, access controls, and regular system reviews. Cyber incidents do not discriminate and may also happen on the smaller scale at your dealership.
- Collaborate with Original Equipment Manufacturers (OEMs) and Floorplan Lenders: To be prepared to continue business as usual with limited disruption, determine set protocols between all parties for manual operating procedures in the event of a systems failure.
These efforts not only help protect your business in the event of future disruptions but also send a message to your customers and partners that your dealership is committed to continuity and accountability.
The Road Ahead
While the CDK attack is no longer front-page news, its effects are still being felt. Dealership leaders are right to take stock of what’s changed and what still needs attention. Whether it’s evaluating a system change, filing insurance claims, or tightening internal controls, the steps taken now will shape how prepared your business is for future disruptions.
Logan Donahue joined ARB in 2024 as an Audit Senior Manager. She provides professional assurance services for businesses ranging from small tech start-ups to multinational corporations in the life sciences, construction, auto dealerships, and consumer and industrial markets.
