Hyundai IT services breach could put 2.7 million Hyundai, Kia owners in the US at risk

News
By published

March 2025 cyberattack could leave Hyundai, Kia owners at risk

A digital themed isometric showing a neon padlock in the foreground, and a technological diagram of a processor logic board in the background.
(Image credit: Shutterstock / JLStock)
  • Hyundai AutoEver America suffered a breach exposing SSNs, names, and driver’s licenses
  • Up to 2.7 million individuals may be affected; phishing risks now elevated
  • HAEA hired forensic experts, notified law enforcement, and offers free identity protection

Hyundai AutoEver America (HAEA), the carmaker’s IT-services subsidiary servicing the North American region, has confirmed suffering a cyberattack and lost sensitive customer data as a result.

In a data breach notification letter recently sent out to affected individuals, HAEA explained that the attack began on February 22, 2025, and lasted until March 2, when the attackers were thrown out of the company’s network.

The letter did not say who the attackers were, what kind of information they obtained, or how many people were affected.

Mitigating the damage

However, a filing with the Massachusetts Office of Consumer Affairs and Business Regulation states that the attackers took people’s names, Social Security Numbers (SSNs), and driver’s licenses.

At the same time, BleepingComputer reports the company services 2.7 million cars which, in (superficial) theory, could be the number of people potentially affected by this attack. HAEA has around 5,000 employees, but it is unclear if they are affected by this incident, as well.

By cross-referencing the stolen data with information from other stolen databases, cybercriminals can create more complete victim profiles and then reach out with highly personalized phishing emails which could trick them into sharing passwords, making wire transactions, and similar.

In the aftermath of the attack, HAEA did what most companies do in similar situations - they “hardened” their networks, brought in third-party security professionals for forensic analysis and assistance, and notified law enforcement.

The company is also offering two years of free identity theft and credit monitoring to affected individuals through Epiq.

This is not the first time Hyundai has been targeted by cybercriminals. Last year, Hyundai Motor Europe, the South Korean carmaker’s European division, confirmed suffering a ransomware attack.

The threat actors then were Black Basta, which apparently managed to steal 3TB worth of sensitive company files, but has been inactive since early 2025.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.