Security News > 2024 > June > CDK Global outage caused by BlackSuit ransomware attack
The BlackSuit ransomware gang is behind CDK Global's massive IT outage and disruption to car dealerships across North America, according to multiple sources familiar with the matter.
The same sources, who provided information on condition of anonymity, told BleepingComputer that CDK is currently negotiating with the ransomware gang to receive a decryptor and not leak stolen data.
While BleepingComputer is the first to report that BlackSuit is behind the attack, the news that CDK is negotiating with threat actors was revealed by Bloomberg yesterday.
The negotiations come after the BlackSuit ransomware attack forced CDK to shut down its IT systems and data centers to prevent the attack's spread, including its car dealership platform.
BleepingComputer contacted CDK to learn more about the ransomware attack but has not received a response yet.
CDK Global cyberattack impacts thousands of US car dealerships.
News URL
Related news
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)