Authenticom, a data integration service provider that works with dealerships, says it is working to restore systems it took offline in response to what may have been a ransomware attack.

The company said it has worked with forensic experts and discovered no evidence that any customers’ data was compromised after the Oct. 31 incident, CEO Steve Cottrell said in a letter sent Monday to dealerships and software providers that Authenticom provided to Automotive News.

The company took its systems offline after discovering the security threat, Cottrell said in the letter.

“Our automated security systems and people that responded to the initial alerts did exactly what they were supposed to do to protect your data,” Cottrell wrote. “Based on our investigation to date, it appears that we were the subject of a ransomware attack that we were able to interrupt with our response.”

He added that “the attack was in the process of disrupting our system operations when we caught it. Unfortunately, while the data remained protected, the bad actors were able to inflict significant damage to our systems.”

Authenticom said it is working with Microsoft and other experts to restore its systems and full operations, but it did not offer a timeline for restoration.

He wrote that “we want to be transparent that this process is going to take more time to complete.”

Authenticom works with more than 15,000 franchised and independent dealerships and hundreds of software vendors. The company allows dealerships to share data contained in a dealership management system with their third-party service vendors.

“I am so incredibly sorry for the inconvenience and concern this incident has caused,” he wrote in the letter. “Our systems will be back online; we will return to normal business operations; and we will be stronger and more resilient than ever. I promise you.”

In a letter to dealerships Tuesday that the company also provided to Automotive News, Authenticom said it had restored communication services including phone lines and virtual communication channels, as well as its DealerVault product portals for dealerships and vendors.

“We are actively working to bring up our remaining real-time web services, data hygiene, and data syndication services,” the company wrote in the letter.

Cybersecurity incidents, including ransomware attacks, are a growing threat in auto retail, according to information security consultants that work with dealerships.

A survey of auto dealerships by DMS giant CDK Global Inc. found that nearly half — 49 percent — of respondents said they planned to boost their cybersecurity budgets, compared with 24 percent in 2020, according to the company’s dealership cybersecurity report released Wednesday.

Eighty-five percent of respondents said cybersecurity is very or extremely important compared with other areas of operation, according to the report, with 77 percent saying it’s more important than it was last year.