In a recent cyberattack that targeted CDK Global, dealerships across North America have suffered significant financial losses due to disrupted software services. The attack, which began on June 19, has left dealerships scrambling to resume normal operations and regain lost sales and service revenue.

CDK Global, a leading provider of dealer management systems, announced on Wednesday night that they have made progress in resolving the cyberattack. A small initial test group of dealers has been successfully brought back online, with plans to gradually phase in other dealers once validation is complete. CDK Global is also working to bring other applications, such as their Customer Relationship Management (CRM) and Service solutions, back online.

However, the damage has already been done. CDK Global attempted to restore services last week but was hit by a second cyberattack. It was later revealed that the attackers, a group called BlackSuit based in Eastern Europe, demanded a ransom of tens of millions of dollars to restore services. While it is unclear whether CDK Global paid the ransom, the company declined to comment on the matter.

The repercussions of the attack are being felt by public auto dealership groups like AutoNation, Group 1 Automotive, and Lithia Motors. These companies have warned that their second-quarter financial results will likely be negatively impacted by the software outage. In order to continue operations, dealerships have resorted to alternative means such as manual documentation using pen and paper to record transactions.

The consequences of the cyberattack extend beyond financial losses. One service center in Illinois has filed a lawsuit against CDK Global over lost business caused by the attack. Other dealer management system operators, including Dominion, have also expressed concerns as automakers are now seeking to audit their software for cybersecurity effectiveness.

Automotive research firms, such as JD Power, are projecting a decline in sales for the month of June and the second quarter as a whole. Thomas King, President of Data and Analytics at JD Power, estimates that overall June sales could decrease by 2.6% to 7.2% compared to the previous year due to the disruption caused by the attack. However, there is a silver lining as lost sales from June could potentially materialize in July.

Jessica Caldwell, head of insights at Edmunds, echoed JD Power's sentiments and highlighted the impact of the cyberattack on the automotive industry's road to recovery. Despite favorable conditions such as healthier inventory levels and summertime incentives, Caldwell now expects sales to be pushed to the third quarter, which offers the possibility of recovering the sales losses.

Investors are eagerly awaiting the upcoming Q2 earnings season, where the full extent of the cyberattack's impact on dealership group-level sales and overall quarterly deliveries for volume automakers like Ford, GM, and Toyota will become clearer. These earnings reports will shed light on the ongoing financial repercussions of the cyberattack on the industry.

As CDK Global works towards resolving the cyberattack and restoring normal operations, dealerships are faced with the challenge of recovering lost sales and service revenue. The incident serves as a reminder of the importance of robust cybersecurity measures in protecting critical systems and preventing disruptions that can have significant financial and operational consequences.