Hyundai AutoEver America is notifying people that hackers breached the corporate’s IT surroundings and gained entry to non-public info.
The corporate found the intrusion on March 1 however the investigation revealed that the attacker had entry to the programs since February twenty second.
Hyundai AutoEver America (HAEA) is an affiliate of Hyundai Motor Group that gives IT consulting, managed providers, and helpdesk help for your complete lifecycle of automotive IT from manufacturing to retirement.
Its function is to produce IT options and providers tailor-made to the automotive business, significantly for Hyundai and Kia associates, together with automobile telematics, OTA (over-the-air) updates, maps, automobile connectivity, embedded programs, and autonomous driving programs.
The corporate additionally offers enterprise programs, together with gross sales and ERP, in addition to digital manufacturing platforms for automotive factories.
In accordance with HAEA’s web site, the corporate has 5,000 staff, 2 million customers, and its programs are utilized in 2.7 million automobiles.
“On March 1, 2025, HAEA grew to become conscious of a cyber incident that impacted our info know-how surroundings,” reads the notification to impacted people.
“Upon discovery, we instantly launched an investigation with the help of exterior cybersecurity consultants to evaluate the scope of the incident, affirm containment, and determine any affected info,” the corporate says.
“HAEA additionally labored with regulation enforcement. By means of our investigation, we decided that the unauthorized exercise seems to have begun on February 22, 2025, and the final noticed unauthorized exercise occurred on March 2, 2025.”
Concerning the varieties of info uncovered, the letter pattern solely mentions names, however the Massachusetts authorities portal additionally lists Social Safety Numbers (SSNs) and driver’s licenses.
It’s unclear if the breach impacts solely staff or clients/customers as effectively, and the way many individuals have been impacted particularly.
BleepingComputer has contacted each HAEA and its mother or father firm to ask for extra particulars on that entrance, however an announcement wasn’t instantly obtainable.
On the time of writing, no ransomware teams have assumed accountability for the assault, so the perpetrators stay unknown.
Hyundai has skilled a number of cybersecurity incidents over the previous couple of years, together with a Black Basta ransomware assault towards the Korean carmaker’s European operations arm and a data breach that uncovered proprietor knowledge in Italy and France.
As well as, researchers found that the Hyundai companion app for Kia and Hyundai house owners had main privateness and security lapses that enabled unauthorized distant automotive management. Their built-in anti-theft programs have additionally been not too long ago uncovered as ineffective.
It is funds season! Over 300 CISOs and security leaders have shared how they’re planning, spending, and prioritizing for the 12 months forward. This report compiles their insights, permitting readers to benchmark methods, determine rising traits, and evaluate their priorities as they head into 2026.
Find out how high leaders are turning funding into measurable affect.
