The IT service provider for Hyundai, Kia, and Genesis, Hyundai AutoEver America, discovered a cyberattack earlier this year. The breach potentially affects up to 2.7 million vehicle owners, with the exposed information including customer names, driver’s license numbers, and Social Security numbers.Â
Worryingly, this breach leaves customers at serious risk of identity theft and fraud. Though the leak was discovered in March, customers are only hearing about it now, nearly eight months later, after a lengthy investigation into what data was actually compromised.
How Hackers Got Inside
After discovering the over-week-long breach that began in February this year, Hyundai AutoEver brought in cybersecurity investigators and alerted law enforcement. Specific details on the breach remain unavailable, and the company has not identified which hacker group was responsible or exactly how they broke in.
This is not Hyundai’s first run-in with hackers either. The automaker suffered back-to-back incidents in Europe in 2023 and 2024. In early 2024, the Black Basta ransomware group claimed to have stolen more than 3 terabytes of data from Hyundai Motor Europe. These repeated incidents raise serious questions about the company’s security standards.
Hyundai
The Auto Industry’s Data Problem
Hyundai isn’t alone in facing cybersecurity threats. The automotive sector has become a magnet for cybercriminals in recent years. In 2024, researchers identified over 100 ransomware attacks targeting the automotive and smart mobility ecosystem. Volkswagen Group faced a massive breach in December 2024 that exposed information from approximately 800,000 electric vehicle owners.
Hyundai AutoEver is offering affected customers complimentary two-year credit monitoring services. But for millions of people whose most sensitive information may now be circulating in dark web marketplaces, monitoring credit is just the tip of the iceberg.
Â
