AutoCanada, one of the major automotive dealerships in Canada, disclosed a cyberattack that disrupted its systems on August 11. Although dealerships continue operating as usual, the company was warned of potential disruptions until the affected systems are restored.
An investigation into the attack is ongoing, meaning there’s no information on the cyberattack’s scope, nature, and impact. There’s no word on whether customer, supplier, or employee data has been leaked.
“Immediately upon detecting the incident, AutoCanada took action to safeguard its network and data. This included engaging with leading cybersecurity experts to assist us with containment and remediation efforts, as well as to conduct a thorough investigation to understand the scope and impact of the incident,” says the notification issued by the company on its website.
AutoCanada is one of the biggest automobile dealerships in the North American region. It operates 84 franchised dealerships consisting of 28 brands across eight provinces in Canada and a group in Illinois, US. The company generated over $6 billion in revenue in 2023, selling over 100,000 retail vehicles.
Interestingly, the company also revealed financial results for the second quarter of 2024 on the same day as the cyberattack announcement. The CDK Global ransomware attack, which shut down many car dealerships across the US in June, negatively affected its earnings.
CDK Global is a popular SaaS company that provides programs to handle all aspects of a car dealership, including financing, payroll management, support and service, inventory, and other back-office operations. Over 15,000 car dealerships in the US were using CDK software at the time of the attack, and most, if not all, seem to have suffered losses due to the attack.
While AutoCanada hasn’t revealed any information about the attack at the moment, a ransomware attack similar to CDK Global can well be on the cards. The former reportedly paid a $25 million ransom to a BlackSuit ransomware affiliate for its troubles.
In the News: Russian cybercrook gets jailed for selling stolen credentials