A massive cyberattack on CDK Global, a software provider for car dealerships, has sparked legal action as plaintiffs allege the company failed to protect their personal information.
Legal action in response to the breach
Yuriy Loginov, a Florida resident, filed a potential class-action lawsuit in the U.S. District Court in the Northern District of Illinois on Saturday. The suit claims CDK Global neglected to implement industry-standard data security practices to secure sensitive personal information, including Social Security numbers, financial details, credit card numbers, and bank account information.
Loginov argues that CDK should have anticipated the cyberattack, labeling it a “known risk” given the company’s role in managing data for approximately 15,000 car dealerships across North America. The lawsuit alleges CDK failed to maintain and monitor its computer network and systems properly, leading to the breach and exposing private information to theft and fraud.
Impact and response
The cyberattack, which occurred last Wednesday, forced many dealerships to revert to manual processes as CDK’s software was rendered inoperable. While the full extent of the data exposure is still unclear, experts recommend that customers act as if their data has been compromised.
Loginov’s complaint highlights the financial and personal impacts of the breach, citing costs incurred in mitigating risks and protecting his data. He is seeking monetary damages, reimbursement for expenses, data monitoring services, and other financial remedies from CDK Global.
Ongoing concerns and industry implications
The incident underscores the growing threat of cyberattacks in the automotive industry and raises questions about the adequacy of data protection measures among software providers. With the lawsuit underway, other affected individuals may come forward, potentially leading to more legal challenges for CDK Global.
CDK Global has yet to comment on the lawsuit or provide further details on the cyberattack’s impact and remediation efforts.
