STOCK TITAN

Group 1 Automotive Provides Statement on CDK Cybersecurity Incident

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Neutral)
Tags
Rhea-AI Summary

Group 1 Automotive (NYSE: GPI) announced a disruption in its U.S. operations due to a cybersecurity incident experienced by third-party software provider CDK Global. The company activated its cyber response procedures and isolated its systems from CDK's platform. Despite the outage, all U.S. dealerships continue operations using alternative processes, while U.K. dealerships remain unaffected. CDK expects dealer management systems to be restored within days, but the timeline for other applications is unclear. Group 1 is closely monitoring the situation and will take further action if necessary. The company emphasizes its commitment to customer experience and thanks all stakeholders for their patience.

Positive
  • All U.S. dealerships continue to operate using alternative processes.
  • U.K. dealerships remain unaffected by the CDK service outage.
Negative
  • Cybersecurity incident disrupted Group 1's U.S. operations.
  • Unclear timeline for restoration of some CDK applications.

Insights

The incident involving CDK Global LLC, a third-party software provider, underscores the vulnerability of supply chain cybersecurity in the automotive retail sector. Group 1 Automotive's quick activation of cyber incident response procedures highlights the importance of having robust contingency plans. This scenario reveals a critical dependency on external IT service providers, which can significantly disrupt operations when breached. The decision to rely on alternative processes while maintaining customer service indicates operational resilience. However, prolonged disruption, even if limited to a few days, could affect revenue and customer satisfaction. Investors should consider the potential reputational risk and the costs associated with managing the fallout of this incident.

From a financial perspective, the immediate impact of the CDK incident on Group 1's U.S. operations is uncertain. The company's ability to continue business using alternative methods suggests that the top-line impact might be mitigated in the short term. However, the lack of clarity on the timeline for restoring all affected applications leaves room for potential revenue dips if the issue extends. Investors should monitor subsequent earnings reports for any noted financial impacts. The situation also raises concerns about future IT investments and possible increased spending on cybersecurity measures, which could affect the company's cost structure.

HOUSTON, June 24, 2024 /PRNewswire/ -- Group 1 Automotive, Inc. (NYSE: GPI) ("Group 1" or the "Company"), a Fortune 300 automotive retailer with 202 dealerships located in the U.S. and U.K., today announced that the cybersecurity incident recently experienced by third-party software provider, CDK Global LLC ("CDK"), has disrupted Group 1's business applications and processes in its U.S. operations that rely on CDK's dealers' systems. 

In response, the Company immediately activated its cyber incident response procedures and proactively took measures to protect and isolate its systems from CDK's platform.  Despite the CDK service outage, all Group 1 U.S. dealerships continue to conduct business using alternative processes until CDK's dealers' systems are available.  The Company's dealerships in the U.K. do not use CDK's dealers' systems and are therefore not impacted by the CDK service outage.

CDK has advised that it anticipates the restoration of the dealer management system will require several days and not weeks.  The timing of the restoration of other impacted CDK applications remains unclear at this time. Group 1's ability to determine the material impact, if any, of the CDK incident and the resulting service outage, will ultimately depend on a number of factors, including when, and to what extent, the Company resumes its access to CDK's dealers' systems. Group 1 is closely monitoring this situation and will take additional action if determined necessary.

"Our associates are coming together with an unwavering focus on delivering the best possible customer experience. Their efforts have been nothing short of exemplary.  We'd like to thank our team, our customers, and our partners for their patience as we navigate this outage," said Daryl Kenningham, Group 1's President and Chief Executive Officer.

ABOUT GROUP 1 AUTOMOTIVE, INC.

Group 1 owns and operates 202 automotive dealerships, 264 franchises, and 42 collision centers in the United States and the United Kingdom that offer 35 brands of automobiles. Through its dealerships and omni-channel platform, the Company sells new and used cars and light trucks; arranges related vehicle financing; sells service and insurance contracts; provides automotive maintenance and repair services; and sells vehicle parts.

Group 1 discloses additional information about the Company, its business, and its results of operations at www.group1corp.com, www.group1auto.com, www.group1collision.com, www.acceleride.com, www.facebook.com/group1auto, and www.twitter.com/group1auto.

FORWARD-LOOKING STATEMENTS

This press release contains "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995, which are statements related to future, not past, events and are based on our current expectations and assumptions regarding our business, the economy and other future conditions. These statements address Group 1's expectations or beliefs regarding future events, actions or performance, including the impact of the CDK cybersecurity incident on Group 1, including its financial condition and results of operations. Factors that could affect future developments and performance include access to the CDK platform, and CDK's ability to contain and remediate the cybersecurity incident and other risk and factors contained in the documents that Group 1 has filed with the Securities and Exchange Commission.

Investor contacts:
Terry Bratton
Manager, Investor Relations
Group 1 Automotive, Inc.
ir@group1auto.com 

Media contacts:
Pete DeLongchamps
Senior Vice President, Manufacturer Relations, Financial Services and Public Affairs
Group 1 Automotive, Inc.
pdelongchamps@group1auto.com
or
Clint Woods
Pierpont Communications, Inc.
713-627-2223
cwoods@piercom.com 

Cision View original content:https://www.prnewswire.com/news-releases/group-1-automotive-provides-statement-on-cdk-cybersecurity-incident-302179875.html

SOURCE Group 1 Automotive, Inc.

FAQ

What recent incident affected Group 1 Automotive's U.S. operations?

A cybersecurity incident at third-party software provider CDK Global disrupted Group 1 Automotive's U.S. operations.

Are Group 1 Automotive's U.K. dealerships affected by the CDK cybersecurity incident?

No, Group 1 Automotive's U.K. dealerships are not affected by the CDK service outage.

How is Group 1 Automotive handling the CDK service outage?

Group 1 Automotive activated its cyber incident response procedures and continues operations using alternative processes.

When will the CDK dealer management systems be restored?

CDK expects the dealer management systems to be restored within days, but the exact timeline for other applications remains unclear.

What measures has Group 1 Automotive taken in response to the CDK incident?

Group 1 Automotive has isolated its systems from CDK's platform and is closely monitoring the situation, prepared to take further action if necessary.

Group 1 Automotive, Inc.

NYSE:GPI

GPI Rankings

GPI Latest News

GPI Stock Data

5.68B
12.89M
2.27%
108.57%
13.43%
Auto & Truck Dealerships
Retail-auto Dealers & Gasoline Stations
Link
United States of America
HOUSTON