FBI investigates cyberattack on Iowa’s Karl Auto Group

CNN Newsource on June 5, 2026

The FBI is investigating a cyberattack on Karl Auto Group

By Todd Magel

Click here for updates on this story

    ANKENY, Iowa (KCCI) — The FBI is investigating a cyberattack on Karl Auto Group, the parent company of Karl Chevrolet in Ankeny, that may have compromised the personal financial information of thousands of customers.

Karl Auto Group, the largest car and truck dealer in Iowa, experienced the attack over the Easter weekend, shutting down its systems. Dealer Principal Bret Moyer described the situation as unsettling.

“It’s really frustrating, you know? It’s like you’ve been violated,” Moyer said.

Moyer and his family have operated Karl Chevrolet and Karl Auto Group since 1978. He said the attack disrupted operations when employees arrived at work.

“We came in to work here on that Saturday morning and didn’t have phones, didn’t have computers. And it was pretty alarming,” Moyer said.

The company fears the breach may have exposed sensitive customer information, including names, Social Security numbers, driver’s license numbers, financial account information, passport numbers and passport images. Karl Auto Group has posted notices on its website and sent emails to affected customers, advising them to take precautions.

Chris Coleman, president of the Iowa Better Business Bureau, praised the company for its prompt response.

“Karl is complimented for notifying people right away,” Coleman said.

Coleman also encouraged customers to take steps to protect themselves.

“I think they should take it serious enough to take the minimum steps to protect themselves. Change passwords. Sign up for notifications from your bank and make sure that people don’t have access to your money,” Coleman said.

Karl Auto Group said there is no evidence so far of misuse of customer or employee personal information. Moyer emphasized the company’s commitment to its customers.

“Our customers are pretty much top of everything we do, and we’ve got to make sure that we take care of them the best that we can. And I feel like we have done that,” Moyer said.

Moyer also confirmed that the dealership did not pay any ransom money to the cyberattacker. He encouraged customers with questions or concerns to reach out to the dealership directly.

Please note: This story was provided to CNN Wire by an affiliate and does not contain original CNN reporting. This content carries a strict local market embargo. If you share the same market as the contributor of this article, you may not use it on any platform.