CDK hack shows SEC disclosure standards are unsettled | CyberScoop<\/title> <meta name=\"description\" content=\"The early application of the regulatory agency\u2019s new cybersecurity reporting rules reveal that materiality is in the eye of the beholder.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/cdk-ransomware-attack-sec-disclosure-material-impact\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"CDK hack shows SEC disclosure standards are unsettled\"> <meta property=\"og:description\" content=\"The early application of the regulatory agency\u2019s new cybersecurity reporting rules reveal that materiality is in the eye of the beholder.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/cdk-ransomware-attack-sec-disclosure-material-impact\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-07-16T16:30:27+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/cdk-hack-shows-sec-disclosure-standards-are-unsettled-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1205\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Tim Starks\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@timstarks\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1720117134g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1718292839g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1721055008g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=74528d75ce0daeb8628a\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/81021\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.5.5\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=81021\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcdk-ransomware-attack-sec-disclosure-material-impact%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcdk-ransomware-attack-sec-disclosure-material-impact%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-81021 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/cdk-ransomware-attack-sec-disclosure-material-impact\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"24.678694158076\">\n<div class=\"single-article__header-content\" readability=\"30.155172413793\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/threats\/cybercrime\/\"> <span>Cybercrime<\/span> <\/a> <\/li>\n<\/ul>\n<p> The early application of the regulatory agency\u2019s new cybersecurity reporting rules reveal that materiality is in the eye of the beholder. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"401\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/cdk-hack-shows-sec-disclosure-standards-are-unsettled.jpg?resize=640%2C401&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/cdk-hack-shows-sec-disclosure-standards-are-unsettled-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/cdk-hack-shows-sec-disclosure-standards-are-unsettled-2.jpg?resize=300,188 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/cdk-hack-shows-sec-disclosure-standards-are-unsettled-2.jpg?resize=768,482 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/cdk-hack-shows-sec-disclosure-standards-are-unsettled-2.jpg?resize=1024,643 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/cdk-hack-shows-sec-disclosure-standards-are-unsettled-2.jpg?resize=1536,964 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/cdk-hack-shows-sec-disclosure-standards-are-unsettled-2.jpg?resize=600,377 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/cdk-hack-shows-sec-disclosure-standards-are-unsettled-2.jpg?resize=268,168 268w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/cdk-hack-shows-sec-disclosure-standards-are-unsettled-2.jpg?resize=537,337 537w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/cdk-hack-shows-sec-disclosure-standards-are-unsettled-2.jpg?resize=1076,675 1076w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/cdk-hack-shows-sec-disclosure-standards-are-unsettled-2.jpg?resize=1343,843 1343w\" sizes=\"(max-width: 1076px) 100vw, 1076px\"><figcaption> Car dealership office. (Fahroni, iStock\/Getty Images Plus) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"83.608621815807\"><body readability=\"171.1593276844\"><\/p>\n<p>As the damage from the ransomware attack on automotive software provider CDK Global has become clear over recent weeks, numerous auto dealers <a href=\"https:\/\/cyberscoop.com\/cdk-ransomware-car-dealers\/\">felt compelled<\/a> to notify the Securities and Exchange Commission that the breach had harmed their operations.<\/p>\n<p>CDK\u2019s parent company, Brookfield Business Partners, which apparently <a href=\"https:\/\/cyberscoop.com\/cdk-ransom-blacksuit-25-million\/\">paid nearly $25 million<\/a> in ransom to attackers, does not feel the same way. <a href=\"https:\/\/bbu.brookfield.com\/press-releases\/bbu\/brookfield-business-partners-provides-update-restoration-systems-its-dealer\">In a press release<\/a> issued July 3, the company said \u201cwe do not expect this incident to have a material impact on Brookfield Business Partners.\u201d<\/p>\n<p>Despite the attack\u2019s downstream effect on the U.S. auto industry, CDK and its parent company did not file with the SEC under its new rules for reporting breaches.<\/p>\n<p>Attorneys and cybersecurity experts whom CyberScoop spoke to found that dichotomy between how the victim company approached its disclosures compared to its indirect victims somewhere between inevitable and absurd. The differing approaches straddle the perceived ambiguity of SEC rules that kicked into effect late last year governing when publicly traded companies must report a cyber incident to the regulator.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>At issue is the definition of what counts as \u201cmaterial,\u201d the threshold under which companies must report an attack to the commission \u2014 a term that relies on a firm\u2019s assessment of whether a \u201creasonable investor\u201d would want to know about it before deciding to invest in a company.<\/p>\n<p>\u201cI certainly am sympathetic to the argument that what is material for one entity is not material for another entity,\u201d said Bob Kolasky, a former top official at the Cybersecurity and Infrastructure Security Agency and now a nonresident scholar in the technology and international affairs program at the Carnegie Endowment for International Peace.<\/p>\n<p>On the other hand, \u201cbased on my understanding of the ransomware attack on CDK, yes, I believe a reasonable investor would want to know about it because of the nature of the attention it has gotten and the tail that will happen because of that attention,\u201d said Kolasky, who\u2019s also senior vice president of critical infrastructure at Exiger, a supply chain risk management company. \u201cIt creates a ton of uncertainty about the kind of scrutiny that\u2019s going to follow from this.\u201d<\/p>\n<p>Allan Liska, a threat intelligence analyst at Recorded Future, said he found Brookfield Business Partners\u2019 assessment that the CDK Global hack wouldn\u2019t have a material impact to \u201ccomplete bulls\u2013t,\u201d adding, \u201cit has to be [material], given the scope and the level of disruption that it caused.\u201d <\/p>\n<p>But if a business is sufficiently dominant, Liska pointed out, companies can easily absorb the financial pain of even a major breach. \u201cMaybe it\u2019s not going to affect their bottom line, and part of that, of course, is that CDK, as far as I can tell, has a pretty big market share and there aren\u2019t many alternatives,\u201d he said.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Brookfield Business Partners didn\u2019t respond to questions about how it determined the materiality of the CDK Global breach. The attack, which impacted software used by nearly 15,000 auto dealerships, crippled sales operations in the U.S. auto industry for several weeks.<\/p>\n<p>Some of the affected auto dealerships commented on the disruption in their filings to the SEC, but included caveats about materiality. \u201cWhile this incident has had, and is likely to continue to have, a negative impact on the Company\u2019s business operations until the relevant systems are fully restored, the Company has not yet determined whether the incident is reasonably likely to materially impact the Company\u2019s financial condition or results of operations,\u201d <a href=\"https:\/\/www.sec.gov\/Archives\/edgar\/data\/1023128\/000102312824000079\/lad-20240619.htm\">wrote Lithia Motors<\/a>.<\/p>\n<p>Fort Lauderdale, Florida-based AutoNation, one of the country\u2019s biggest car dealership chains <a href=\"https:\/\/d18rn0p25nwr6d.cloudfront.net\/CIK-0000350698\/89f21429-1e03-48fd-9c50-6e382082fb93.pdf\">announced Monday in an SEC filing<\/a> that the attack lowered its second-quarter profit by about $1.50 a share. Despite the loss, the company said it doesn\u2019t expect the incident to have a material impact on its overall financial condition or ongoing results.<\/p>\n<p>Without being privy to all the details of the CDK attack, Elizabeth Wharton \u2014 who worked as an attorney for the city of Atlanta and now serves as founder of Silver Key Strategies \u2014 said that after breaches, companies\u2019 <a href=\"https:\/\/www.comparitech.com\/blog\/information-security\/ransomware-share-price-analysis\/\">stock prices often bounce back<\/a>. And some of CDK Global\u2019s customers might decide that even when dealing with the fallout of a cyberattack, switching to its competitors isn\u2019t worth the trouble, which could minimize the impact on the company\u2019s anticipated bottom line.<\/p>\n<p>\u201cIt\u2019s not like every car dealership, car loan financial company or supplier can just pivot on a dime and pick up a new vendor to use,\u201d she said. \u201cIf you\u2019ve ever tried switching between SalesForce and HubSpot, I feel like every sales and marketing head would just start weeping. It\u2019s not easy and it sets you back a couple months just to get used to the new system.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p><a href=\"https:\/\/www.sec.gov\/divisions\/corpfin\/guidance\/8-kinterp.htm?utm_medium=email&utm_source=govdelivery#104b.05\">SEC guidelines<\/a> say the size of a ransomware payment is not solely determinative of whether a cyber incident is material. Its guidance also has provided further answers about the conditions under which a ransomware attack would meet the materiality threshold. <\/p>\n<p>The very first standard for determining materiality is whether a company is subject to reporting cyber incidents is whether it is publicly traded or privately held, noted Brian Finch, a lawyer and partner at Pillsbury Public Policy. (Brookfield is a client of Pillsbury, so its attorneys wouldn\u2019t comment directly on the breach or the companies involved.)<\/p>\n<p>CDK is a privately owned company and thus not subject to the SEC regulations, but its publicly traded parent company, Brookfield is. <\/p>\n<p>Brookfield Business Partners managed nearly $16 billion in assets last year, <a href=\"https:\/\/bbu.brookfield.com\/sites\/bbu-brookfield-ir\/files\/2024-03\/bbp-q4-annual-report-cover.pdf\">according to its annual report<\/a>, and the Brookfield Corporation, of which Brookfield Business Partners is a part, reported revenues of nearly $96 billion for 2023, <a href=\"https:\/\/www.brookfield.com\/sites\/default\/files\/2024-03\/2023_BN_Annual_Report_0.pdf\">its annual report<\/a> states.<\/p>\n<p>For businesses of this size, $25 million \u2014 the reported size of the CDK ransom payment \u2014 represents a drop in the bucket for its bottom line, Finch said.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>To be sure, if the SEC decides a company should have disclosed something as material, \u201chaving the SEC investigate you is a really big deal, and it\u2019s a big deal for any number of reasons, including their ferocious investigators,\u201d Finch said. \u201cThey have a lot of power, they have a lot of expertise, and they can impose really significant fines.\u201d <\/p>\n<p>As a result, \u201ccompanies seem to be erring on the side of over-disclosure,\u201d said David Oliweinstein, also a partner at Pillsbury who once worked in the SEC\u2019s enforcement division.<\/p>\n<p>But because the rules are so new, it might take SEC action and case law to settle the precise boundaries of how materiality applies to a cyber incident reporting threshold, the experts said.<\/p>\n<p>Right now, situations like the CDK Global hack are causing a different kind of divide, Liska said.<\/p>\n<p>\u201cMy first interpretation, and what I think a lot of cybersecurity people\u2019s first impression of the SEC guidelines are, are very, very different than what the lawyers for these companies are interpreting the guidelines to mean,\u201d he said.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\">\n<div class=\"author-card\" readability=\"7.7216117216117\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/cdk-hack-shows-sec-disclosure-standards-are-unsettled-1.jpg?w=640&ssl=1\" alt=\"Tim Starks\"> <\/figure>\n<\/p><\/div>\n<div class=\"author-card__details\" readability=\"10.901098901099\">\n<h4 class=\"author-card__name\">Written by Tim Starks<\/h4>\n<p> Tim Starks is senior reporter at CyberScoop. His previous stops include working at The Washington Post, POLITICO and Congressional Quarterly. An Evansville, Ind. native, he’s covered cybersecurity since 2003. Email Tim here: <a href=\"mailto:tim.starks@cyberscoop.com\">tim.starks@cyberscoop.com<\/a>. <\/div>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/cdk-ransomware-attack-sec-disclosure-material-impact\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CDK hack shows SEC disclosure standards are unsettled | CyberScoop<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2327,1282,2328,2329,2330,2322,282,78,679,439,2015,817,1324],"tags":[2331,1284,2332,2333,2334,2325,286,86,680,443,2017,821,1326],"class_list":["post-4469","post","type-post","status-publish","format-standard","hentry","category-allan-liska","category-automotive","category-bob-kolasky","category-brookfield","category-carnegie-endowment-for-international-peace","category-cdk-global","category-cybercrime","category-cybersecurity","category-financial","category-policy","category-recorded-future","category-regulation","category-securities-and-exchange-commission-sec","tag-allan-liska","tag-automotive","tag-bob-kolasky","tag-brookfield","tag-carnegie-endowment-for-international-peace","tag-cdk-global","tag-cybercrime","tag-cybersecurity","tag-financial","tag-policy","tag-recorded-future","tag-regulation","tag-securities-and-exchange-commission-sec"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/allan-liska\/\" rel=\"category tag\">Allan Liska<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/automotive\/\" rel=\"category tag\">automotive<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/bob-kolasky\/\" rel=\"category tag\">Bob Kolasky<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/brookfield\/\" rel=\"category tag\">Brookfield<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/carnegie-endowment-for-international-peace\/\" rel=\"category tag\">Carnegie Endowment for International Peace<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cdk-global\/\" rel=\"category tag\">CDK Global<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/financial\/\" rel=\"category tag\">Financial<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/policy\/\" rel=\"category tag\">Policy<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/recorded-future\/\" rel=\"category tag\">Recorded Future<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/regulation\/\" rel=\"category tag\">regulation<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/securities-and-exchange-commission-sec\/\" rel=\"category tag\">Securities and Exchange Commission (SEC)<\/a>","tag_info":"Securities and Exchange Commission (SEC)","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4469","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=4469"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4469\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=4469"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=4469"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=4469"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":4469,"date":"2024-07-16T11:30:27","date_gmt":"2024-07-16T16:30:27","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=81021"},"modified":"2024-07-16T11:30:27","modified_gmt":"2024-07-16T16:30:27","slug":"cdk-hack-shows-sec-disclosure-standards-are-unsettled","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/07\/16\/cdk-hack-shows-sec-disclosure-standards-are-unsettled\/","title":{"rendered":"CDK hack shows SEC disclosure standards are unsettled"},"content":{"rendered":"