Cyberattacks have forced thousands of car dealerships to paper for a second day

HiroTheProtagonist

Ars Praefectus
5,421
Subscriptor++
While certainly not on the same level, this reminds me of when I went to a dispensary on 4/20 and had to stand at the counter for a full hour because "Weedpay" went down across the country. Couldn't even do cash transactions because some phone-based payment processor supplemental to the usual transaction process crapped the bed. Certainly nobody behind the creation of that software could have predicted and prepared for high demand.
 
70 (76 / -6)

R-V

Wise, Aged Ars Veteran
148
Subscriptor
You'd figure this kind of outage/ransomware attack is going to happen more and more as many vendors force customers to use their cloud-based SaaS solution as they just quit offering on-prem solutions. Makes it easier on the hackers to have to get in 1 provider vs a lot of individual companies' datacenters.
 
141 (141 / 0)

mmiller7

Ars Tribunus Angusticlavius
11,679
While certainly not on the same level, this reminds me of when I went to a dispensary on 4/20 and had to stand at the counter for a full hour because "Weedpay" went down across the country. Couldn't even do cash transactions because some phone-based payment processor supplemental to the usual transaction process crapped the bed. Certainly nobody behind the creation of that software could have predicted and prepared for high demand.
The inability to even do cash transactions without computers and internet really surprises me every time.

I had something similar in 2003 following Hurricane Isabel, some stuff was still screwed weeks afterward and I found myself unable to buy more feeder crickets for my lizards because the pet store cash register was down...until the owner overheard and was trying to explain to employees how to use paper and a calculator to record inventory sales and compute sales tax, and write out paper receipts. The younger staff looked at him like he had 3 heads as he computed a dozen crickets at like $0.10 or whatever per unit writing down SKU numbers and multiplying in sales-tax and then computing change from the cash I handed him with a 4-function calculator.
 
173 (175 / -2)

mmiller7

Ars Tribunus Angusticlavius
11,679
Sounds like a horrible software company and product even before getting into discussions on why there are not any downtime procedures. CDK probably has the idea that if they had downtime procedures, then their users would somehow have a worse opinion of them when they were needed.
Or some CEO like "What do you mean outage plan, there better not be any outages and I don't want to hear you planning for having any"
 
149 (151 / -2)

ThatEffer

Ars Scholae Palatinae
948
Subscriptor++
I imagine the class of people who have the largest gap between what they earn and what kind of work they do would have seen this coming or prepared for it... if they had any skills beyond simply existing in a national scam that prints them money.
Look, if you think it's easy to play games with people and take my sweet-ass time to show them anything except what they say they want to see, eventually write down a number and make a frowny face and explain that I'm going to need to run it by my boss, and then go sit in my boss's office for a good 30 minutes or so to pretend like I'm doing something real... well I'm going to need you to have a seat here or feel free to walk around our showroom while I go see what my boss has to say about that.
 
121 (122 / -1)

xizar

Ars Tribunus Militum
1,662
Subscriptor++
Think carefully about what you just wrote down.

Or at least put an /s in there somewhere.
Saturn had no-haggle pricing. People loved it. Because capitalism cannot tolerate any amount of goodness in the world, they got rid of it.

I think Costco still has that sort of deal, but Sinegal isn't there anymore to use murder to keep prices down, so who knows if that'll last. (He's the "don't fuck with the hot dog or you're dead" guy.)
 
96 (99 / -3)

Quisquis

Ars Tribunus Angusticlavius
7,210
While certainly not on the same level, this reminds me of when I went to a dispensary on 4/20 and had to stand at the counter for a full hour because "Weedpay" went down across the country. Couldn't even do cash transactions because some phone-based payment processor supplemental to the usual transaction process crapped the bed. Certainly nobody behind the creation of that software could have predicted and prepared for high demand.
What high class operation are you going to?

Every place I've been just takes cash and stuffs it into a box lol
 
48 (52 / -4)

jhodge

Ars Tribunus Angusticlavius
8,155
Subscriptor++
Centralization has its pros and cons. It really can be a way to increase efficiency, and outsourcing means that every company doesn't need a full-service IT department. OTOH, you do make yourself vulnerable to situations like this.

I don't see a return to in-house IT being the norm any more than I expect in-house electricians or plumbers at most businesses, but having some sort of business continuity plan, even if it's just paper processes, is wise.
 
67 (69 / -2)
We are on CDK where I work. We just onboarded a few months ago. When we were onboarding we were told that CDK had never been hacked etc etc. And then this. And they wanted to manage our network!

Our impact has been minimal; we can fall back on our old DMS, which is what we have done.
Now other dealers around me are having major issues. CDK does everything from payroll to service tickets to parts and vehicle inventory and much much more! Schedule your demo today!
What bothers me most is the complete lack of communication from CDK. We've heard nothing, nada from anyone.
 
158 (158 / 0)

MMarsh

Ars Praefectus
4,120
Subscriptor
The inability to even do cash transactions without computers and internet really surprises me every time.

I had something similar in 2003 following Hurricane Isabel, some stuff was still screwed weeks afterward and I found myself unable to buy more feeder crickets for my lizards because the pet store cash register was down...until the owner overheard and was trying to explain to employees how to use paper and a calculator to record inventory sales and compute sales tax, and write out paper receipts. The younger staff looked at him like he had 3 heads as he computed a dozen crickets at like $0.10 or whatever per unit writing down SKU numbers and multiplying in sales-tax and then computing change from the cash I handed him with a 4-function calculator.
Having been born in the mid '80s, I'm old enough to remember when credit cards were processed with carbon paper and a pressure imprint roller.

Even in the 2010s there were a few times when I was at a store and the POS terminals went down. Cashiers would be confused, lots of "well I'm not sure what to do," and then a 60 year old lady would come out of the back office carrying an old yellow box. She'd say "OK kids, time you learned to deal with it the old fashioned way", break out a 40 year old imprint roller and a stack of CC forms, and tell them to press really hard when you're writing the dollar amount because you're making three copies.

In the last 5-6 years it seems that even those have disappeared. The last few times I've been in a store that had a POS network issue, everything really did grind to a halt and the managers had no idea what to do.
 
132 (132 / 0)

Quisquis

Ars Tribunus Angusticlavius
7,210
Having been born in the mid '80s, I'm old enough to remember when credit cards were processed with carbon paper and a pressure imprint roller.

Even in the 2010s there were a few times when I was at a store and the POS terminals went down. Cashiers would be confused, lots of "well I'm not sure what to do," and then a 60 year old lady would come out of the back office carrying an old yellow box. She'd say "OK kids, time you learned to deal with it the old fashioned way", break out a 40 year old imprint roller and a stack of CC forms, and tell them to press really hard when you're writing the dollar amount because you're making three copies.

In the last 5-6 years it seems that even those have disappeared. The last few times I've been in a store that had a POS network issue, everything really did grind to a halt and the managers had no idea what to do.
I had a situation recently where I had to explain how to take a card imprint on a piece of receipt paper to a manager (because they had gotten rid of their imprint roller) so I could leave a restaurant after they lost power lol
 
65 (66 / -1)
We are on CDK where I work. We just onboarded a few months ago. When we were onboarding we were told that CDK had never been hacked etc etc. And then this. And they wanted to manage our network!

Our impact has been minimal; we can fall back on our old DMS, which is what we have done.
Now other dealers around me are having major issues. CDK does everything from payroll to service tickets to parts and vehicle inventory and much much more! Schedule your demo today!
What bothers me most is the complete lack of communication from CDK. We've heard nothing, nada from anyone.

Someone above criticized the cloud and outsourcing. What were you using before CDK and your old DMS? Would your business be able to hire IT staff to do all this in-house? That is, can you afford staff, if you can even find them?
 
18 (25 / -7)
"and went private amid pressure from its activist investors to trim costs"

This is Jack's complete lack of surprise.
Weird how this late stage capitalism thought process of "always make more profits than yesterday, no matter what we have to cut" always messes shit up.

These guys basically have a monopoly on dealership CRM which means a guaranteed income. Somehow that wasn't enough... and now?

I wonder if dealerships are going to be able to hit them for lost profits?
 
69 (76 / -7)

Necranom

Wise, Aged Ars Veteran
114
Subscriptor++
All companies need an IT plan, and they tend to for better or worse.

Where the wheels almost always come off is having a backup plan for when the primary one falls over. AKA Proper backups, Disaster Recovery (DR) plans, and also general Business Continuity plans.

This "all the eggs in one basket" mentality is what makes these types of "cyber incidents" so effective. When you can shut down an entire industry or business sector with a single attack (car sales, meat packing, oil distribution, medical record processing, etc.) you are incentivizing the bad actors and increasing the probability of them getting a fat payout.
 
55 (55 / 0)

rcduke

Ars Scholae Palatinae
1,873
Subscriptor++
Centralization has its pros and cons. It really can be a way to increase efficiency, and outsourcing means that every company doesn't need a full-service IT department. OTOH, you do make yourself vulnerable to situations like this.

I don't see a return to in-house IT being the norm any more than I expect in-house electricians or plumbers at most businesses, but having some sort of business continuity plan, even if it's just paper processes, is wise.
It's also a way to point the finger and blame someone else when their system goes down and causes you to lose business. Pawning off responsibility while taking in more money because it's cheaper than an in-house solution is why there are so many breaches. Company ownership/management doesn't care about lost sales because they're not responsible for hackermans compromising their systems, so it's not a problem for them.
 
6 (17 / -11)

mmiller7

Ars Tribunus Angusticlavius
11,679
Having been born in the mid '80s, I'm old enough to remember when credit cards were processed with carbon paper and a pressure imprint roller.

Even in the 2010s there were a few times when I was at a store and the POS terminals went down. Cashiers would be confused, lots of "well I'm not sure what to do," and then a 60 year old lady would come out of the back office carrying an old yellow box. She'd say "OK kids, time you learned to deal with it the old fashioned way", break out a 40 year old imprint roller and a stack of CC forms, and tell them to press really hard when you're writing the dollar amount because you're making three copies.

In the last 5-6 years it seems that even those have disappeared. The last few times I've been in a store that had a POS network issue, everything really did grind to a halt and the managers had no idea what to do.
Even if the impression machines still existed, my most recent 2 credit card replacements have no embossed numbers/information so it still wouldn't work anyway. The industry has decided that's too obsolete.

And yeah...smaller places kinda rural when the internet goes out they are dead in the water on cards, a Chipotle nearby just opened and has frequently had to close mid-day because their ISP went down and they didn't have change for cash transactions so they literally had no way to accept payments.
 
121 (121 / 0)

What me worry?

Ars Centurion
259
Subscriptor++
I had a situation recently where I had to explain how to take a card imprint on a piece of receipt paper to a manager (because they had gotten rid of their imprint roller) so I could leave a restaurant after they lost power lol
The last time my credit card updated it got rid of the embossed numbers; you can't even do that by hand anymore.

Edit: (And ninja'd of course...)
 
68 (68 / 0)
A vital system needs redundancy. Without redundancy it is certain that some component will fail for any number of reasons bringing the system down. Redundancy costs money and is deemed a problem by investors that do not depend on the system. Thus the parasitic form of capitalism we have here in the US is destroying vital systems. Private equity firms are parasites. Monopolies are parasites. Not sure how to eliminate them without damaging the host society, but enforcing anti-trust laws more vigorously seems like a start.
 
33 (38 / -5)

el_oscuro

Ars Tribunus Militum
2,406
Subscriptor++
"and went private amid pressure from its activist investors to trim costs"

This is Jack's complete lack of surprise.
Unauthorized bread wasn't supposed to be an instruction manual:

Just to be sure, she asked the fridge for headlines about Boulangism, and there it was, their cloud had burst in the night. Socials crawling with people furious about their daily bread. She prodded a headline and learned that Boulangism had been a ghost ship for at least six months because that’s how long security researchers had been contacting the company to tell it that all its user data—passwords, log-ins, ordering and billing details—had been hanging out there on the public internet with no password or encryption. There were ransom notes in the database, records inserted by hackers demanding cryptocurrency payouts in exchange for keeping the dirty secret of Boulangism’s shitty data handling. No one had even seen them.

The twin collapse of Disher and Boulangism did have a shared cause, Salima discovered. Both companies were publicly traded and both had seen more than 20 percent of their shares acquired by Summerstream Funds Management, the largest hedge fund on earth, with $184 billion under management. Summerstream was an “activist shareholder” and it was very big on stock buybacks. Once it had a seat on each company’s board—both occupied by Galt Baumgardner, a junior partner at the firm, but from a very good Kansas family—they both hired the same expert consultant from Deloitte to examine the company’s accounts and recommend a buyback program that would see the shareholders getting their due return from the firms, without gouging so deep into the companies’ operating capital as to endanger them.

It was all mathematically provable, of course. The companies could easily afford to divert billions from their balance sheets to the shareholders. Once this was determined, it was the board’s fiduciary duty to vote in favor of it (which was handy, since they all owned fat wads of company shares) and a few billion dollars later, the companies were lean, mean, and battle ready, and didn’t even miss all that money.

Oops.
 
41 (41 / 0)

J.C. Helios

Ars Scholae Palatinae
696
I'm confused. The company became private to avoid dealing with investors wanting to cut costs...

But after they went private, they cut cost by a ton, via outsourcing...

So why did they go private?
The article means that they succumbed to activist investor pressure to go private. The investors wanted them to go private, so they did.
 
50 (50 / 0)

markgo

Ars Tribunus Militum
2,898
Subscriptor++
They don’t need CDK to sell cars. They need CDK to sell service contracts, satellite radio, enhanced connectivity, extended warranties etc.

Anyone who’s bought a car in the last 5 years has encountered the 15-30m session of checking boxes and initialing, all carefully designed to create pure upsell profit.
 
22 (34 / -12)

Fatesrider

Ars Legatus Legionis
21,799
Subscriptor
Yet another Venture Capitalists FTW event…
Every time I hear "venture capitalist" or "VC", I completely expect the rest of the news will be horrific.

I'd place a cap first on the number of them that can be allowed to exist (which would be the total - X with X being a number less than the total but greater than the lowest number necessary for an economy to function) then place a cap on how many firms they'd be allowed to have their fingers in per year and mandate a minimum time they can own the company (five to ten years). This would disincentivize the quick buck, eliminating the quick looting of companies for profit and require more deliberation in their choices.

Failing that, I'd nuke them all from orbit and prohibit them from "owning" anything, making them only silent partners, without voting options or influence, being forced to ride along with any other investor and hope the C-levels know what they're doing over the long term, with no investments on the part of one VC sufficient to break the company in which they invested if they sold their stock short.

They're supposed to be a "leg up". Not their fucking owner/masters.
 
20 (24 / -4)

NorthGuy

Ars Praetorian
456
Subscriptor
Centralization has its pros and cons. It really can be a way to increase efficiency, and outsourcing means that every company doesn't need a full-service IT department. OTOH, you do make yourself vulnerable to situations like this.

I don't see a return to in-house IT being the norm any more than I expect in-house electricians or plumbers at most businesses, but having some sort of business continuity plan, even if it's just paper processes, is wise.
Depends on the size of your company. If you have a "campus" then you have your own facilities management department with electricians and plumbers. Same with IT, managers do the math and sometimes it is cheaper to run your own shop. Especially when your per-user licenses are all based on 10s of thousands of users.
 
20 (20 / 0)

Got Nate?

Ars Scholae Palatinae
1,156
Having been born in the mid '80s, I'm old enough to remember when credit cards were processed with carbon paper and a pressure imprint roller.

Even in the 2010s there were a few times when I was at a store and the POS terminals went down. Cashiers would be confused, lots of "well I'm not sure what to do," and then a 60 year old lady would come out of the back office carrying an old yellow box. She'd say "OK kids, time you learned to deal with it the old fashioned way", break out a 40 year old imprint roller and a stack of CC forms, and tell them to press really hard when you're writing the dollar amount because you're making three copies.

In the last 5-6 years it seems that even those have disappeared. The last few times I've been in a store that had a POS network issue, everything really did grind to a halt and the managers had no idea what to do.
I haven't had a physical card with raised numbers for that imprint in.... maybe a decade now?
 
16 (18 / -2)