What to do if you believe your personal information has been hacked

CDK Global, a company that provides auto dealerships across the U.S. with software for managing sales and other services, has been hacked, prompting the company to temporarily shut down most of its systems. 

That is effectively preventing about 15,000 car dealerships from making sales. General Motors dealerships rely on CDK's systems, as does Group 1 Automotive, an auto retailer with hundreds of dealerships across the U.S. Holman, with dealerships across eight U.S. states, is another CDK client. 

"We are actively investigating a cyber incident," a CDK spokesperson told CBS News. "Out of an abundance of caution and concern for our customers, we have shut down most of our systems and are working diligently to get everything up and running as quickly as possible." 

Later on Wednesday afternoon, CDK said that after conducting tests and consulting with third-party experts, some of its systems were back up and running. 

"With the work done so far, our core [dealer management system] and Digital Retailing solutions have been restored. We are continuing to conduct extensive tests on all other applications, and we will provide updates as we bring those applications back online," CDK said in a statement to CBS MoneyWatch. 

The number of cyberattacks has been on the rise in the last year, with more than 3,200 data breaches in 2023, a 78% jump from the prior year, according to a new study from data firm SOAX. Those breaches impacted more than 65 million victims last year, it added.

CDK's dealer management system, or DMS, is a hub that lets businesses monitor operations from a single interface, while its retail tools let dealerships transact online and in showrooms. 

What is CDK? 

CDK provides dealerships with tools to manage payroll, inventory and office operations. 

On its website, it also touts its cybersecurity capabilities. "CDK Cybersecurity Solutions provide a three-tiered cybersecurity strategy to prevent, protect and respond to cyberattacks so you can defend your dealership," it says. 

When did the cyberattack begin?

The cyberattack on CDK Global began Tuesday evening, Bleeping Computer, a cybersecurity news site, reported Wednesday, taking the 15,000 car dealerships it serves offline.  

It is not currently known who, or what group, is behind the cyberattack. 

How are dealerships responding?

Some dealerships appeared to get creative to continue doing business during the outage. Dealership employees posted about the outage on Reddit Wednesday, sharing that they were relying on spreadsheets and sticky notes to sell customers small parts and make repairs, but that they weren't making any large transactions. 

One employee asked other dealership employees, "How many of you are standing around because your whole shop runs on CDK?" under the heading "CDK down," with users in Wisconsin and Colorado confirming their dealership transaction systems were offline. 

Megan Cerullo

Megan Cerullo is a New York-based reporter for CBS MoneyWatch covering small business, workplace, health care, consumer spending and personal finance topics. She regularly appears on CBS News 24/7 to discuss her reporting.