June Auto Sales Reporting Thrown off by CDK Cyberattack
The automotive industry, in its stride towards recovery from recent setbacks, faced a significant hurdle following a cyberattack on CDK Global, a pivotal technology supplier. This disruption has cast a shadow over financial outcomes for the impacted period, complicating the task of sustaining investor confidence amidst uncertain times.
Cox Automotive, a major player in automotive services and technology, underscored the repercussions of the cyberattack, which rendered dealer management systems (DMSs) dysfunctional for approximately two weeks. “We have observed sales and inventory reporting disruptions due to the CDK outage, but we anticipate these trends will recover in the coming weeks,” explained Scott Vanner, Cox Automotive’s senior analyst of economic and industry insights. Vanner further elucidated, “While reporting was more disrupted than actual sales, we estimate a decline in used retail sales for June compared to May. Nonetheless, akin to a weather event’s transient effect, we anticipate the recuperation of any lost sales in June during July.”
The narrative of disruption extends to new light-vehicle sales as well, marred by DMS outages and consequent uncertainties in reporting for the initial half of 2024. In light of the crisis, numerous dealers resorted back to antiquated pen-and-paper systems for tracking—a method not only labor-intensive but also susceptible to errors, as highlighted by a dealership owner in Michigan in interactions with Reuters. Despite not experiencing a downturn in sales, the owner acknowledged the increased complexity in managing existing sales due to the cyberattack.
The attack has fundamentally impacted dealers’ capabilities to precisely document sales figures, posing questions about its extensive implications on the automotive retail sector. The immediate effect on sales reporting can skew financial outcomes for the quarter, influencing a range of elements from revenue forecasts to investor confidence.
“Certain ancillary systems and integrations, such as those facilitating ordering, scheduling, payment, and reporting processes, are either still down or functioning in a limited capacity, with ongoing efforts to fully restore these services,” reported AutoNation in a Securities and Exchange Commission (SEC) filing on July 15.
Moreover, the cyberattack on CDK has shone a spotlight on the heightened cybersecurity concerns within the auto industry. As digital solutions become increasingly integral to operations ranging from sales to vehicle maintenance, the susceptibility to cyber threats looms larger. Additionally, dealerships may experience intensified scrutiny from customers, who are becoming progressively informed about the risks associated with data breaches.
In the near future, the industry will turn its focus to upcoming financial disclosures from automotive retail giants. AutoNation, marking the initiation of the cyberattack period, is slated to unveil its Q2 earnings on July 31. Penske Automotive Group and Asbury Automotive Group, both of which felt the impact of the cyberattack through their reliance on CDK’s software, are also expected to announce their earnings shortly. These forthcoming reports will likely shed light on the cyberattack’s full impact on automotive retail.
In conclusion, the automotive sector’s encounter with this cyberattack will serve as a pivotal moment, testing its resilience and adaptability to cyber risks in an era marked by digital dependency. The way stakeholders respond and adapt to such challenges will undoubtedly shape the trajectory of cybersecurity practices within the industry for years to come.