MSP Recovery Law Firm Files Complaint Against CDK Global Inc. Over Data Breach

MSP Recovery Law Firm has filed a complaint in Federal Court in the Southern District of Florida against CDK Global Inc. on behalf of several Plaintiff Classes. The complaint is in response to a massive data breach that exposed sensitive personally identifiable information (PII) of customers, employees, and auto purchasers. The breach compromised customer names, employee names, Social Security numbers, personal financial data, emails and mailing addresses, phone numbers, personal identification numbers (PINs), and dates of birth.

MSP Recovery Law Firm will utilize sophisticated data analytics systems developed by LifeWallet, in collaboration with Palantir Technologies Inc., to capture and manage data related to the case. These systems have been previously used as evidence in litigation by MSP Recovery Law Firm, including a recent class action against USAA Casualty Insurance Company and USAA General Indemnity Company.

CDK Global Inc. is a prominent provider of IT and digital solutions in the automotive retail industry, trusted by over 15,000 auto dealerships across North America. Upon discovering the breach on June 18, 2024, CDK temporarily took their systems offline for investigation and remediation. However, within 24 hours of bringing the system back online, another breach occurred. These consecutive incidents raise concerns about the adequacy of CDK’s cyber security measures and incident response strategies.

John H. Ruiz, Founder of MSP Recovery Law Firm and lead counsel for the case, stated that CDK failed to protect the data of its customers on two occasions. He emphasized that if CDK has the authority to collect customer information for its commercial benefit, it bears the responsibility to safeguard it.

CDK’s Dealership Management System is a crucial component of daily operations for more than 15,000 dealerships. The breach and CDK’s subsequent actions have disrupted business operations and left vendors and customers vulnerable to identity theft and extortion threats. The outcome of this case could have significant implications for the cyber security practices of technology companies under state and federal laws.

More Posts

SWEP, a world-leading supplier of brazed plate heat exchangers (BPHEs), has unveiled its latest innovation …

Village Super Market, Inc. (NASDAQ: VLGEA) is deeply saddened to announce the passing of William …

Vicinity Motor Corp., a leading North American supplier of commercial electric vehicles, has announced the …