- Hyundai AutoEver America suffered a breach that uncovered social safety numbers, names and driver’s licenses
- Up to 2.7 million folks could also be affected; phishing dangers are actually excessive
- HAEA Hired Forensic Experts, Notified Authorities, and Offers Free Identity Protection
Hyundai AutoEver America (HAEA), the automaker’s IT providers subsidiary serving the North American area, confirmed that it suffered a cyberattack and misplaced delicate buyer knowledge because of this.
In a knowledge breach notification letter just lately despatched to affected people, HAEA defined that the assault started on February 22, 2025 and lasted till March 2, when the attackers had been kicked out of the corporate’s community.
The letter didn’t say who the attackers had been, what kind of knowledge they obtained or how many individuals had been affected.
Mitigate the injury
However, a submitting with the Massachusetts Office of Consumer Affairs and Business Regulation claims that attackers took folks’s names, their Social Security Numbers (SSNs), and their driver’s licenses.
At the identical time, beepcomputer experiences that the corporate providers 2.7 million automobiles, which, in concept (shallow), might be the variety of folks doubtlessly affected by this assault. HAEA has round 5,000 staff, however it’s unclear if they’re additionally affected by this incident.
By cross-referencing stolen knowledge with data from different stolen databases, cybercriminals can create extra full sufferer profiles after which ship extremely customized phishing emails that might trick them into sharing passwords, making digital transactions, and the like.
After the assault, HAEA did what most firms do in related conditions: they “hardened” their networks, employed exterior safety professionals for evaluation and forensic help, and notified authorities.
The firm additionally provides two years of free identification theft and credit score monitoring to affected people via Epiq.
This will not be the primary time Hyundai has been attacked by cybercriminals. Last 12 months, Hyundai Motor Europe, the European division of the South Korean automaker, confirmed it had suffered a ransomware assault.
The risk actors then had been Black Basta, which apparently managed to steal 3TB of delicate firm information, however has been down since early 2025.