Group 1 Automotive Provides Statement on CDK Cybersecurity Incident

HOUSTON, June 24, 2024 /PRNewswire/ — Group 1 Automotive, Inc. (NYSE: GPI) (“Group 1” or the “Company”), a Fortune 300 automotive retailer with 202 dealerships located in the U.S. and U.K., today announced that the cybersecurity incident recently experienced by third-party software provider, CDK Global LLC (“CDK”), has disrupted Group 1’s business applications and processes in its U.S. operations that rely on CDK’s dealers’ systems. 

In response, the Company immediately activated its cyber incident response procedures and proactively took measures to protect and isolate its systems from CDK’s platform.  Despite the CDK service outage, all Group 1 U.S. dealerships continue to conduct business using alternative processes until CDK’s dealers’ systems are available.  The Company’s dealerships in the U.K. do not use CDK’s dealers’ systems and are therefore not impacted by the CDK service outage.

CDK has advised that it anticipates the restoration of the dealer management system will require several days and not weeks.  The timing of the restoration of other impacted CDK applications remains unclear at this time. Group 1’s ability to determine the material impact, if any, of the CDK incident and the resulting service outage, will ultimately depend on a number of factors, including when, and to what extent, the Company resumes its access to CDK’s dealers’ systems. Group 1 is closely monitoring this situation and will take additional action if determined necessary.

“Our associates are coming together with an unwavering focus on delivering the best possible customer experience. Their efforts have been nothing short of exemplary.  We’d like to thank our team, our customers, and our partners for their patience as we navigate this outage,” said Daryl Kenningham, Group 1’s President and Chief Executive Officer.

ABOUT GROUP 1 AUTOMOTIVE, INC.

Group 1 owns and operates 202 automotive dealerships, 264 franchises, and 42 collision centers in the United States and the United Kingdom that offer 35 brands of automobiles. Through its dealerships and omni-channel platform, the Company sells new and used cars and light trucks; arranges related vehicle financing; sells service and insurance contracts; provides automotive maintenance and repair services; and sells vehicle parts.

Group 1 discloses additional information about the Company, its business, and its results of operations at www.group1corp.com, www.group1auto.com, www.group1collision.com, www.acceleride.com, www.facebook.com/group1auto, and www.twitter.com/group1auto.

FORWARD-LOOKING STATEMENTS

This press release contains “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995, which are statements related to future, not past, events and are based on our current expectations and assumptions regarding our business, the economy and other future conditions. These statements address Group 1’s expectations or beliefs regarding future events, actions or performance, including the impact of the CDK cybersecurity incident on Group 1, including its financial condition and results of operations. Factors that could affect future developments and performance include access to the CDK platform, and CDK’s ability to contain and remediate the cybersecurity incident and other risk and factors contained in the documents that Group 1 has filed with the Securities and Exchange Commission.

Investor contacts:

Terry Bratton

Manager, Investor Relations

Group 1 Automotive, Inc.

[email protected] 

Media contacts:

Pete DeLongchamps

Senior Vice President, Manufacturer Relations, Financial Services and Public Affairs

Group 1 Automotive, Inc.

[email protected]

or

Clint Woods

Pierpont Communications, Inc.

713-627-2223

[email protected] 

Cision View original content:https://www.prnewswire.com/news-releases/group-1-automotive-provides-statement-on-cdk-cybersecurity-incident-302179875.html

SOURCE Group 1 Automotive, Inc.

Featured image: DepositPhoto © Katarinagondova

Disclaimer