CDK Cyber Attack: What Businesses Need to Do When They Are Back Online

Many dealerships’ operations were shaken to their core yesterday in the wake of the CDK cyber-attack, which is still causing headaches across the nation today. Relying solely on pen and paper, dealerships were forced to go back to a time void of technology by selling cars and doing service work without the help of their DMS. As dealership operations begin to come back online, what can dealerships do to ensure that the events that have occurred during their DMS outage are documented in the system, the correct taxes are paid, sales and service work is correctly recorded, employee hours are allocated, and more?

Here is a checklist of some of the major things that dealerships should address as well as some not-so-obvious items to look out for so that the nightmare of the last two days does not extend any further.

1. Contact your insurance provider and work with them to determine and calculate the amount your dealership can claim for the period of time of lost work and the period of time for potential lost profit.
2. Dealerships need to dedicate a period of time to overall reconnaissance before going back to business as usual. All departments need to help the accounting office gather the necessary information accumulated during this downtime to ensure it will be accurately entered into the system, or the dealership will face repercussions later. 
3. Once CDK comes back online, everyone at the dealership should go into CDK setups to ensure that sales tax is correct, their templates are correct, that the mapping from the accounts to their financial statements is correct, and that nothing got corrupted within their system.
4. Do not assume that this breach only impacted data collected when CDK was down. Dealerships need to compare their May 31st statements to their June 1st statements to ensure there are no discrepancies.
5. For any sales that did occur during this downtime, ensure that they were recorded accurately and that sales tax was calculated correctly for the jurisdiction that you are in and recorded in the correct states. This will include reviewing all information from the manual sales to ensure all necessary accounting has been recorded.
6. For anything done within the service department during downtime, make sure that all flag times were captured, and that this technician time was recorded accurately.
7. Dealerships need to be strict about warranty submissions because the factory will deny claims that are incorrect.
8. Audit your dealership’s cybersecurity measures. Ensure that you are using multi-factor authentication, not sharing passwords, not providing access rights to individuals who do not need them, and complying with FTC safeguards.
9. If your dealership closed for the period of time that your DMS was down, you will need to determine if these employees will be paid as a courtesy or if they will need to utilize paid time off and work with HR to resolve any conflicts.
10. Please note that the CDK cyberattack reaches beyond your own DMS. CDK aligns and integrates with other services and platforms. At the time of this writing, Tekion is now down as a direct result of the CDK cyberattack. Please be sure to remain on top of any other system or software that integrates with CDK to ensure data accuracy and due diligence.

Withum is on the ready to partner with dealerships to help them navigate these challenges from both a transactions and compliance standpoint. These are our recommendations at the time of this writing. This situation is ongoing and our recommendations are subject to change based on new developments. Please feel free to reach out to us with any questions or concerns.

*For more updated information please see this additional article from Withum.

Author: Michele D’Antonio