Hyundai AutoEver, the IT subsidiary of the larger Hyundai Group, recently began notifying customers about a major security breach it experienced. The company became aware of the intrusion on March 1, 2025, although its investigation determined that the breach had begun on February 22 and was not fully resolved until March 2, 2025. This meant that the unauthorized access lasted for over a week before being shut down. Following the incident, the company spent the subsequent seven months conducting a thorough investigation before finally commencing the process of sending notification letters to those affected. While the exact total number of impacted individuals has not been confirmed by the company, the scale of Hyundai AutoEver’s software presence, which extends to 2.7 million cars across North America, suggests the potential scope of the incident. Only customers whose data was specifically compromised will receive these official letters.
The data leak, according to reports from Forbes, was highly sensitive, potentially including the names, driver’s license numbers, and social security numbers of millions of individuals. Such a compromise of personal identifiers elevates the severity of the incident. In response to the breach and to assist those whose information may have been exposed, Hyundai AutoEver is offering a complimentary two-year subscription to a third-party credit-monitoring service. This service is intended to help affected parties protect themselves against potential identity theft or fraudulent activities resulting from the exposed data.
To manage the response and investigate the extent of the security failure, Hyundai AutoEver engaged an external, third-party cybersecurity team. This team was brought in to assist with both the technical investigation into how the breach occurred and the broader response plan. The involvement of an independent firm underscores the serious nature of the attack and the company’s commitment to understanding the scope of the vulnerability and strengthening its future security posture.
A representative for the parent company, Hyundai, confirmed its awareness of the breach in a statement to Car and Driver. The automaker indicated that it is actively monitoring the situation to confirm that all necessary and appropriate safeguards are being implemented. Critically, the representative noted that, to the best of their knowledge, no data belonging to Hyundai Motor America or relating to the Bluelink driver service was included in the reported data leak. This distinction suggests that the compromise was isolated to the subsidiary’s systems or specific data sets managed by Hyundai AutoEver.
This event is part of a growing trend of cyberattacks targeting automotive manufacturers. Earlier this year, for instance, JLR was significantly impacted by a digital attack that led to multiple weeks of production halts and billions of dollars in financial losses. As vehicles become increasingly integrated with technology that stores and transmits personal and operational information, automakers are becoming more attractive and vulnerable targets for sophisticated cyber threats. The Hyundai AutoEver breach serves as another potent reminder of the escalating security risks facing the automotive industry in the digital age.
Reference:
