Sonic says cyberattack ‘reasonably likely’ to have material impact on Q2 results

As previously disclosed, Sonic Automotive has experienced disruptions since June 19 in its access to certain information systems provided to the company by CDK Global due to a cybersecurity incident experienced by CDK. The affected systems include the company’s dealer management system, DMS, its customer relationship management system, CRM, and other systems that support sales, inventory and accounting functions. In a regulatory filing, the company disclosed that access to the basic functionality of the DMS has been restored. Other affected systems, including the CRM and certain functions of the DMS, remain offline as the company continues to investigate and test such systems. Additionally, some third-party applications typically accessible through the affected systems also remain offline. The timing of restoration of full access to all affected systems remains unclear. Since the onset of the incident, the company has closely monitored the effect of the incident on its business, financial condition and results of operations. While the full impact of the incident on the company and its results of operations and financial condition are not presently ascertainable, based on the information available to the company, the company concluded that the incident is reasonably likely to have a material impact on the company’s results of operation for Q2 due to, among other thing, a slower rate of vehicle sales during the period since June 19, due to the impact of the incident on the affected systems. As a result, the company expects that its earnings for Q2 will be adversely impacted by the incident. The company has not yet determined whether the incident has otherwise had or is otherwise reasonably likely to have a material impact on the company and its financial condition.