AutoCanada Inc. says it has found a cybersecurity breach of its systems that could disrupt operations as it also reported a financial loss for the second quarter because of a separate cybersecurity incident.
The Edmonton-based dealership network says it is still working to understand the extent of the breach that it identified on Aug. 11, including what, if any, customer, supplier or employee data may have been compromised.
AutoCanada, which has 84 franchised dealerships in North America, says its businesses remain open as it continues to investigate and work on containment and remediation efforts.
The breach follows a June cyberattack against CDK Global, a company that provides software for thousands of auto dealers in the U.S. and Canada, that led to major disruptions.
AutoCanada says the CDK outage lasted from June 19 to July 1, but that it took until the end of July to have the software running back to normal, leading to lost sales and other costs for AutoCanada.
The CDK breach helped push AutoCanada to a net loss of $33.1 million for the quarter ended June 30 compared with earnings of $45.2 million for the same quarter last year, though the outage wasn’t the only cause.
“AutoCanada faced several headwinds during the second quarter which substantially affected our performance,” said Paul Antony, executive chairman of AutoCanada in a statement.
Along with the CDK outage, AutoCanada also faced higher vehicle inventory levels and financing costs, while rising unemployment and the economic slowdown have created increased consumer uncertainty, said Antony.
In response, the company hired a consultant in the quarter to accelerate strategic initiatives, is reviewing strategic alternatives for all non-core and underperforming assets, and has immediately halted all merger and acquisition initiatives and discretionary spending, he said.
Results for the last quarter shows revenue came in at $1.6 billion, down almost nine per cent from the $1.8 billion last year.
AutoCanada says that following the CDK outage, it took measures to safeguard its system and increase its threat detection efforts.