- Hyundai AutoEver America suffered a breach exposing SSNs, names and driver’s licenses
- Up to 2.7 million people could be affected; phishing risks are now high
- HAEA has hired forensic experts, notified law enforcement, and is offering free identity protection
Hyundai AutoEver America (HAEA), the automaker’s IT services arm serving the North American region, has confirmed that it suffered a cyberattack and lost sensitive customer data.
In a data breach notification letter recently sent to affected individuals, HAEA explained that the attack began on February 22, 2025 and lasted until March 2, when the attackers were kicked off the company’s network.
The letter does not specify who the attackers were, what type of information they obtained or how many people were affected.
Mitigating the damage
However, a filing with the Massachusetts Office of Consumer and Business Regulation indicates that the attackers took people’s names, Social Security numbers (SSN), and driver’s licenses.
At the same time, BeepComputer reports that the company services 2.7 million cars, which in (superficial) theory could be the number of people potentially affected by this attack. HAEA has approximately 5,000 employees, but it is unclear whether they are also affected by this incident.
By cross-referencing the stolen data with information from other stolen databases, cybercriminals can create more complete victim profiles and then send highly personalized phishing emails that could trick them into sharing passwords, making electronic transactions, and more.
Following the attack, HAEA did what most companies do in similar situations: They “hardened” their networks, brought in third-party security professionals for forensic analysis and assistance, and notified law enforcement.
The company is also offering two years of free identity theft and credit monitoring to affected individuals through Epiq.
This is not the first time that Hyundai has been targeted by cybercriminals. Last year, Hyundai Motor Europe, the European division of the South Korean automaker, confirmed it was the victim of a ransomware attack.
The perpetrators of the threat then were Black Basta, which apparently managed to steal 3TB of sensitive files from the company, but has been inactive since early 2025.
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
