Hyundai AutoEver America, the IT-services arm supporting Hyundai and Kia operations in North America, has disclosed a cyberattack that resulted in the theft of sensitive customer information. According to breach notifications sent to affected individuals, the intrusion began on February 22, 2025 and continued until March 2, when the attackers were removed from the company’s systems. The disclosure did not identify the attackers or confirm the total number of victims.
Table of Contents
Records stolen include SSNs and driver’s licenses
A filing with the Massachusetts Office of Consumer Affairs and Business Regulation confirms that the attackers accessed names, Social Security Numbers and driver’s license details. While Hyundai has not provided a firm estimate of exposure, reporting indicates that Hyundai AutoEver supports around 2.7 million vehicles in the United States. That number gives a sense of the potential scale, although it remains unclear how many individuals’ data was actually taken. The company employs roughly 5,000 staff, but their status in this breach has not been specified.
Greater risk of targeted phishing and identity theft
Stolen identity data is often merged with other breached information to create detailed victim profiles. Cybercriminals can then craft convincing emails designed to extract passwords, initiate fraudulent transfers or impersonate trusted contacts. The nature of the data taken in this attack increases the likelihood of accurate and successful phishing attempts. This creates a long-term exposure risk that may persist even after immediate technical issues have been addressed.
Hyundai responds and begins remediation
Hyundai AutoEver says it has reinforced its security controls, brought in external forensic specialists and reported the incident to law enforcement. The company is offering two years of identity theft protection and credit monitoring through Epiq to individuals whose data was confirmed to be accessed. This aligns with the standard corporate response after a major breach, although the long-term impact for customers will depend on how widely the stolen data circulates.
Not the first cybersecurity incident for the automaker
Hyundai Motor Europe suffered a ransomware attack last year attributed to the Black Basta group, which claimed to have stolen roughly 3TB of corporate data. Although Black Basta activity has quieted since early 2025, the earlier incident highlights the persistence of threats facing global automotive companies. With Hyundai now confronting another breach, the pressure to strengthen IT infrastructure across regional divisions is likely to increase.
