Hyundai AutoEver America (HAEA)

Hackers infiltrated Hyundai AutoEver America’s (HAEA) systems between February and March 2025, gaining unauthorized access for nine days before detection. The breach exposed sensitive personal data of approximately **2,000 customers**, including **names, Social Security numbers, and driver’s license details**, though the company could not confirm if the data was exfiltrated. HAEA, a digital subsidiary of Hyundai Motor Group managing software for Hyundai, Kia, and Genesis vehicles, serves **2.7 million users**, but the impact was limited to a small subset. The incident prompted an external cybersecurity investigation, two years of free credit monitoring for affected individuals, and a dedicated hotline for support.

The breach underscores escalating risks in automotive cybersecurity, particularly as modern vehicles collect vast amounts of driver data (e.g., location history, payment info). While HAEA downplayed the scale, the exposure of **personally identifiable information (PII)**, even for a limited group, raises concerns about data protection practices across the industry, especially following regulatory actions like the FTC’s ban on GM’s driver data sales and Senate scrutiny of automakers’ privacy policies.

Source: https://www.cbtnews.com/hyundai-confirms-security-breach-after-hackers-access-sensitive-data/

Hyundai AutoEver America cybersecurity rating report: https://www.rankiteo.com/company/hyundai-autoever-america

"id": "HYU1892418111225",
"linkid": "hyundai-autoever-america",
"type": "Breach",
"date": "2/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '2,000',
                        'industry': 'automotive software',
                        'location': 'United States',
                        'name': 'Hyundai AutoEver America (HAEA)',
                        'size': '2.7 million users (2,000 affected)',
                        'type': 'subsidiary'},
                       {'industry': 'automotive',
                        'location': 'Global (HQ: South Korea)',
                        'name': 'Hyundai Motor Group',
                        'type': 'parent company'}],
 'customer_advisories': ['Two years of free credit monitoring offered (90-day '
                         'enrollment window).',
                         'Hotline established for inquiries: 855-720-3727.'],
 'data_breach': {'data_exfiltration': 'Accessed but not confirmed if '
                                      'exfiltrated',
                 'number_of_records_exposed': '2,000',
                 'personally_identifiable_information': ['names',
                                                         'Social Security '
                                                         'numbers',
                                                         'driver’s license '
                                                         'numbers'],
                 'sensitivity_of_data': 'high (includes SSNs and driver’s '
                                        'license details)',
                 'type_of_data_compromised': ['personally identifiable '
                                              'information (PII)']},
 'description': 'Hackers accessed Hyundai AutoEver’s systems between February '
                'and March 2025, exposing personal data, including names, '
                'Social Security numbers, and driver’s license details. The '
                'breach affected approximately 2,000 of the 2.7 million users '
                'served by HAEA, a digital subsidiary of Hyundai Motor Group '
                'managing software systems for Hyundai, Kia, and Genesis '
                'vehicles. The intrusion went undetected for nine days, '
                'raising concerns about data protection in modern vehicles.',
 'impact': {'brand_reputation_impact': 'Raised concerns about data protection '
                                       'in modern vehicles and automaker data '
                                       'collection practices',
            'data_compromised': ['names',
                                 'Social Security numbers',
                                 'driver’s license details'],
            'identity_theft_risk': 'Potential (customers advised to monitor '
                                   'bank and credit accounts)',
            'systems_affected': ['Hyundai AutoEver America (HAEA) software '
                                 'systems']},
 'initial_access_broker': {'high_value_targets': ['customer PII (SSNs, '
                                                  'driver’s license data)']},
 'investigation_status': 'Ongoing (as of disclosure; scope assessment and '
                         'containment confirmed)',
 'lessons_learned': 'The incident underscores the need for stronger '
                    'cybersecurity measures in automotive software systems, '
                    'particularly as vehicles collect increasing amounts of '
                    'sensitive driver data. Proactive monitoring and faster '
                    'detection are critical to mitigating risks.',
 'post_incident_analysis': {'root_causes': ['Undetected intrusion for nine '
                                            'days',
                                            'Potential vulnerabilities in '
                                            'HAEA’s software systems']},
 'recommendations': ['Automakers should enhance encryption and access controls '
                     'for customer data.',
                     'Implement real-time intrusion detection systems to '
                     'reduce dwell time.',
                     'Increase transparency with customers about data '
                     'collection and protection practices.',
                     'Regular third-party security audits for subsidiaries '
                     'handling sensitive data.'],
 'references': [{'source': 'Kelley Blue Book'},
                {'source': 'CBT News'},
                {'source': 'California Attorney General (state filing)'},
                {'source': 'Maine and Massachusetts state filings'}],
 'regulatory_compliance': {'regulatory_notifications': ['California Attorney '
                                                        'General (letter '
                                                        'filed)',
                                                        'state filings in '
                                                        'Maine and '
                                                        'Massachusetts']},
 'response': {'communication_strategy': ['letters to affected individuals',
                                         'state filings (Maine, Massachusetts, '
                                         'California)',
                                         'public advisory via media (e.g., '
                                         'Kelley Blue Book)'],
              'containment_measures': 'Investigation launched to confirm '
                                      'containment',
              'incident_response_plan_activated': True,
              'recovery_measures': ['two years of free credit monitoring for '
                                    'affected users',
                                    'established hotline (855-720-3727)'],
              'third_party_assistance': ['cybersecurity experts (for '
                                         'investigation)']},
 'stakeholder_advisories': ['Customers advised to monitor financial accounts '
                            'for unusual activity'],
 'title': 'Hyundai AutoEver America (HAEA) Data Breach (2025)',
 'type': ['data breach', 'unauthorized access']}