Hyundai AutoEver America (HAEA) has confirmed a cybersecurity breach that exposed personal data after hackers gained access to its IT systems.
The company discovered the intrusion on March 1, 2025, but investigators later found that the attackers had been inside its network since February 22.
HAEA, an affiliate of Hyundai Motor Group, provides IT consulting, managed services, and digital solutions for the automotive industry. Its systems support Hyundai and Kia affiliates with vehicle telematics, over-the-air updates, embedded systems, and autonomous driving technology, as well as business platforms like sales and ERP systems. The company reports having 5,000 employees and 2 million users, with its services used in 2.7 million vehicles.
In its notification, Hyundai AutoEver said it quickly launched an investigation with the help of cybersecurity experts and law enforcement to determine the scope of the attack and secure affected systems. The company confirmed that the unauthorized access began on February 22 and continued until March 2.
The exposed data includes names, and according to the Massachusetts government portal, also Social Security Numbers and driver’s license details. It remains unclear whether the breach affects employees, customers, or both, and Hyundai has yet to confirm the total number of individuals impacted.
So far, no ransomware groups have claimed responsibility for the incident. This marks another cybersecurity challenge for Hyundai, which has faced several security issues in recent years, including a ransomware attack on its European operations and data leaks affecting vehicle owners in Italy and France.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
Security researchers have also found major privacy flaws in Hyundai and Kia companion apps that could allow unauthorized car access, raising ongoing concerns about the automaker’s digital safety.
