PSA type post which FWIW relates to the recent CDK Global hack (no, not CPK!) which is being mentioned and reported in the media. Personally I am currently a few degrees removed from the business but I still chinwag with active friends. Behind the scenes, things seem to be a lot more messy than being reported so the purpose of posting snippets of my text conversation with one of those friends, is to alert those of you who may be interested in this development. If some of you think like, "well, I have not bought a car for eons and I don't really care as to what happens to those greedy SOBs!", you may still want to read on just to be on your guard.
I would also like to add that this hack has reportedly affected about 15000 dealerships across the U.S so not all dealerships use this company for document management system but CDK is like the 800 lb. gorilla in the industry and since everything seems to be interconnected, who is to say that the rest will not be impacted in some form and shape down the road. I don't say that the sky is falling but the following account from a franchise manager on the ground in FL seems to be quite depressing:
"...The DMS is intertwined with everything. It controls the phones, the scheduling system for service, warranty, connecting with the manufacturers, parts ordering, and even ensuring vehicles we are working on.
Service is practically shut down because we can't functionally handle anything warranty wise nor can we properly document anything we are doing. And yes, there's some parts that can just be called in from third parties, but ordering from the manufacturer is dead.
We can't do payroll, nor pay any vendors because somebody thought it was genius to intertwine our own finances with the system.
I can't do business with other dealers because nobody knows what they own nor how much they own it for.
Our 3 dealerships have lost more than a million dollars in revenue, And I personally have become so desperate for income I re-upped my eBay account and dumped every little thing I could on there which really amounts to jack and sh*t!
So yeah, we can work deals by hand but it's still limits our ability to actually sell the vehicle because there's too many modern systems and registrations and everything else that go through CDK
We haven't even touched upon the fact we have no access to our own customer database, nor what this f*cking investment company has cost us with our customers information
In short, CDK claims to be the best dealer management system, conquering the industry with more than a third of the US market... and then they sold themselves to an investment firm that figured out how the gut all the techies from the company and coast on profit. And now they got hacked and they can't handle it whatsoever because they are an investment group, not software developers and when CDK was winning everyone over several years ago, manufacturers like general motors all but required it
They would say things like, "We prioritize orders through CDK, and our financing companies are all linked with it," etc etc...
So about 5 years ago the dealership had to switch over to CDK and we have BMW, and Mercedes, along with Buick and GMC franchises. All of them are interlaced for every possible internal system
And this Eastern European, russian-backed hacking group is holding the entire system hostage. They're not talking about it in the media, but the rumor is 100 million dollar ransom.
That's not to say that they take the hundred million dollars and unlock the system, but they also will have the data of $100 million people in the United States since CDK handles the financial arm of selling vehicles as well.
Social security numbers, all intimate information to verify who you are, your address, financial information, vehicle registrations....
Even if you haven't bought a car from a dealership in 15 to 20 years, when dealerships switched over to CDK.... They moved all of their data to CDK cloud.
The reason why is that older systems typically require you to have your own server located on site. Since your servers were going away, there were specific migration processes were you essentially backed up your entire dealership history to CDK
So there's a chance if you bought a Lexus at a car dealership in 2005 and have never thought of the dealership again, but they got hacked and your data was stored in the cloud
Obviously your home address and vehicle information could be old, but your date of birth, full legal name, and social security number are unchanged!
There could be possibly many thousands of lawsuits wrapped around this data breach.
Dealerships can't give customers back their cars because the customer is not going to pay out of pocket for warranty work, but we can't get reimbursed or process warranty work so the cars sit.
Customers will sue us.
We will sue CDK.
Customer's personal information is stolen and leaked online.
Customers will sue us.
We will sue CDK.
Investors will sue CDK for negligence.
Manufacturers will sue CDK for lost revenue.
Dealerships will sue CDK for lost revenue.
The investment firm could possibly collapse then declare bankruptcy to walk away from the mess!
This all sounds over the top, but no matter the outcome the repercussions will be a years of legal proceedings and lawsuits and class action movements and all that crap
Auto auctions are an absolute disaster, because dealerships don't even have access to their money nor know how much they actually have, nor have the means to process anything they would want to purchase. And why purchase something if you have nothing in place to be able to retail it.
Dealerships aren't doing business with other dealerships because they already have enough problems doing business with customers
And let's not talk about leases, which are completely intertwined with the manufacturers so you basically can't work a lease at all.
Essentially, if you have a vehicle on the ground and you have enough internal documents printed with the MSO, you could retail it to somebody who is either paying cash, having their own finances, or have really good credit and money down so you could work the deals the old school way.
On used cars, you can tell through your banking how much you purchased a vehicle for but you can't tell how much you have in it at the moment, but if the vehicle was certified and you printed all your ROs as you're supposed to you could do the work by hand to know how much you own it for and then sell it, as long as the customer meets the above guidelines for a new car..."
