Computing Dynamics Data Breach Exposes 590 GB of Corporate and Client Information

The Computing Dynamics data breach is an alleged large scale cybersecurity incident in which the INTERLOCK ransomware group claims to have stolen and leaked more than 590 GB of data from Computing Dynamics, a Canadian company known for developing motor vehicle diagnostic software and financial reporting systems for automotive dealerships. The group published the claim on December 9, 2025, and asserts that over one million files and nearly thirty thousand folders were extracted before encryption took place.

Computing Dynamics, also referred to as CDI Software, develops automated reporting, budgeting, forecasting, and dealership management tools used by automotive retailers throughout Canada and the United States. The company also provides diagnostic software solutions and technical support for dealership networks. These services require significant data collection, including operational metrics, dealership financial records, software credentials, maintenance logs, and customer service documentation. As a result, the Computing Dynamics data breach has the potential to expose highly sensitive information belonging to dealerships, employees, and corporate partners.

The INTERLOCK ransomware group claims that the stolen data includes internal documentation, client financial data, source code, employee information, and personal records such as names, addresses, and phone numbers. The group also alleges that confidential materials related to dealership operations, accounting workflows, and proprietary software development were compromised. Although Computing Dynamics has not yet issued a public statement confirming the incident, the scale of the claimed Computing Dynamics data breach indicates a serious risk to the company and its downstream clients.

Background of the Computing Dynamics Data Breach

Computing Dynamics operates within the automotive software sector, which has become an increasingly common target for ransomware groups due to the value of dealership financial data and proprietary diagnostic systems. Automotive dealerships rely on CDI Software products for everyday operations including inventory tracking, profit and loss summaries, payroll calculations, and automated financial forecasting. A disruption of these systems or exposure of dealership level financial documents could lead to operational challenges, competitive disadvantages, and regulatory complications.

The INTERLOCK ransomware group is known for conducting attacks that focus on large scale data theft. Unlike groups that prioritize rapid encryption, INTERLOCK often spends extended time inside a network to gather confidential documents before revealing their presence. The group’s claim that it obtained 590 GB of Computing Dynamics data suggests that the attackers may have accessed internal servers, development environments, shared corporate repositories, and dealership level financial archives.

The Computing Dynamics data breach listing also references data relating to employees, including personal records that may contain salary information, employment documents, tax forms, and private internal communications. This type of data is commonly misused for identity theft, targeted phishing, or employment fraud schemes if made publicly available.

Types of Data Potentially Exposed

Based on the threat actor’s description and typical files stored by dealership software systems, the Computing Dynamics data breach may include the following categories of information:

• Client dealership financial statements and accounting records
• Budgeting and forecasting reports created within CDI Software platforms
• Software source code, internal development materials, and configuration files
• Diagnostic software logs and automotive maintenance reporting data
• Employee information including names, phone numbers, addresses, and employment documents
• Client contact lists, email correspondence, and technical support records
• Contracts, invoices, and partnership agreements with dealerships and automotive vendors
• Internal corporate documents that detail operational processes and proprietary methods

If dealership level financial data was included in the Computing Dynamics data breach, attackers may attempt to target individual dealerships with invoice fraud schemes or social engineering attacks. Dealers often rely on predictable communication patterns with software providers, making impersonation attempts particularly dangerous.

Exposure of Employee and Personal Data

The alleged inclusion of personal employee information raises the risk of identity theft and targeted attacks. Employee data may be combined with other publicly available records to create convincing phishing attempts directed at internal staff or business partners.

Risk to Proprietary Software and Intellectual Property

Computing Dynamics develops specialized applications used by dealerships to manage financial operations and diagnostic processes. If attackers gained access to software source code or system architecture documentation, competitors or criminal organizations could attempt to replicate, exploit, or tamper with the software. This aspect of the Computing Dynamics data breach may have long term consequences for product integrity and licensing protections.

Risks Associated With the Computing Dynamics Data Breach

Financial Fraud and Supply Chain Targeting

Dealerships that rely on CDI Software could be targeted through fraudulent invoices, impersonated communications, or altered financial reporting data. Attackers may use authentic stolen documents to convince dealerships to authorize payments or surrender system access.

Operational Disruption

If ransomware execution affected local servers or dealership integrations, day to day operations such as payroll, sales reporting, or financial compliance may experience delays. Automotive dealerships rely heavily on unified software systems, and even minor disruptions can cascade into broader operational challenges.

Identity Theft and Confidential Data Exposure

The exposure of personal employee information and dealership contacts may result in ongoing identity theft attempts. Criminal groups often store such data for future exploitation rather than immediate use.

Potential Attack Vectors in the Computing Dynamics Data Breach

• Compromised employee credentials obtained through phishing campaigns
• Unpatched vulnerabilities in internal software or remote access services
• Misconfigured cloud storage resources containing dealership data archives
• Third party contractor compromise leading to lateral network access
• Insufficient network segmentation between software development environments and client data repositories

The automotive software sector is increasingly interconnected, and a breach within a vendor like Computing Dynamics may allow attackers to pivot into dealership networks if proper segmentation and access control are not enforced.

Mitigation Measures for Computing Dynamics and Affected Partners

Recommended Actions for Computing Dynamics

• Conduct a full forensic audit to determine the timeline and scope of data compromise
• Reset internal credentials and enforce multifactor authentication across all access points
• Evaluate all dealership facing systems for unauthorized modifications
• Notify affected dealerships and regulatory bodies if required by Canadian or provincial law
• Verify integrity of software source code and deployment pipelines
• Harden cloud and on premise servers against further intrusion

Recommended Actions for Dealership Clients

• Audit financial and invoice workflows for irregularities
• Verify all communications that appear to originate from CDI Software or Computing Dynamics
• Monitor internal bookkeeping and reporting systems for abnormal entries
• Educate staff on phishing attempts referencing CDI or dealership financial operations

Recommended Actions for Employees

• Monitor financial accounts and credit reports for suspicious activity
• Be cautious of unsolicited emails requesting personal or employment information
• Update passwords across work related and personal accounts

Long Term Implications of the Computing Dynamics Data Breach

The long term impact of the Computing Dynamics data breach will depend on whether the stolen data is published, sold, or retained by the attackers. Automotive dealerships may face prolonged phishing campaigns or invoice fraud attempts that exploit authentic leaked documents. Employees may remain vulnerable to identity theft for years if personal information is circulated among cybercriminal markets.

The Computing Dynamics data breach underscores the broader cybersecurity challenges facing automotive software providers. Vendors that support dealership operations must implement strict access controls, continuous monitoring, and rigorous vulnerability management to prevent similar incidents in the future. The alleged compromise demonstrates the importance of strong cybersecurity practices in organizations that manage financial and operational data for high volume commercial clients.