Sources suggest CDK Global paid $25 million in ransom to thwart cyber attack

CDK Global reportedly paid a ransom, leading to the restoration of the systems of up to 15,000 American car dealerships, according to sources who spoke to the media.

Last month, auto dealership software provider CDK Global announced that it detected a cyber incident on its network, causing many of its systems to go offline.

“We are currently experiencing a cyber incident. Out of caution and concern for our customers, we have shut down most of our systems,” CDK spokesperson Lisa Finney said in a statement seen by the media on June 19.

Last week, CDK managed to restore services after an outage that seemed to be over. While the company has not yet revealed how it restored services, sources cited by American media giant CNN said that the company appears to have shelled out $25 million in ransom to the BlackSuit ransomware gang.

According to Chris Janczewski, head of cryptocurrency tracking firm TRM Labs, speaking to CNN, 387 bitcoins, equivalent to approximately $25 million, were transferred to an account owned by hackers connected to the BlackSuit ransomware gang.

While the source of the payment was not identified, other sources cited by CNN who wished to remain anonymous suggest that it was highly likely that CDK paid the 387 bitcoins. This is despite the fact that the account that sent the ransom payment is not owned by CDK but is instead connected to an organization known for helping ransomware victims deal with attacks, according to the source.

A week after making the payment, CDK announced it would bring car dealerships back online.

CDK has not yet commented on claims that it paid the ransom, but announced earlier this month that “virtually all” of its 15,000 car dealership customers were back online with its software.

“We are happy to report that we are ahead of schedule,” said an automated message on the company’s customer service line.

That said, a July 5 US SEC 8-K filing suggests some systems remain offline.

“Other affected systems, including CRM and certain DMS functions, remain offline while the company continues to investigate and test those systems,” CDK said.
