Hyundai, Kia, And Genesis Suffer Massive Customer Data Breach

by Matt Posky

Published: November 10th, 2025

hyundai kia and genesis suffer massive customer data breach

Despite constant assurances from the industry that cybersecurity is everyone’s top priority, there’s been another massive data breach. This time it affects the personal data of up to 2.7 million Hyundai Motor Group customers — potentially encompassing addresses, phone numbers, driver’s licenses, and even Social Security numbers.

Hyundai AutoEver America (HAEA), which handles the automaker’s information technology department, has reportedly been compromised. Sadly, this means that Kia and Genesis customers have been similarly impacted. HAEA has stated that it has hired forensic experts to deal with the issue and is likewise working with law enforcement.

According to TechRadar, notification letters began being sent out to customers late in October. However, the attack reportedly took place between February 22nd and March 2nd of 2025 — when Hyundai AutoEver America claimed to have blocked access to the company’s network.

From TechRadar:

The letter did not say who the attackers were, what kind of information they obtained, or how many people were affected.

However, a filing with the Massachusetts Office of Consumer Affairs and Business Regulation states that the attackers took people’s names, Social Security Numbers (SSNs), and driver’s licenses.

At the same time, BleepingComputer reports the company services 2.7 million cars which, in (superficial) theory, could be the number of people potentially affected by this attack. HAEA has around 5,000 employees, but it is unclear if they are affected by this incident, as well.

By cross-referencing the stolen data with information from other stolen databases, cybercriminals can create more complete victim profiles and then reach out with highly personalized phishing emails which could trick them into sharing passwords, making wire transactions, and similar.

The corporate solution was boilerplate and admittedly unconvincing. Hyundai claims it has added extra security to its network while bringing in third-party experts and law enforcement. This has been the play for all automakers suffering from cyberattacks, yet the problem only seems to have gotten worse as more corporate data has been digitized.

Hyundai even suffered back-to-back data breaches in Europe in 2023 and 2024. The lessons learned from those incidents apparently failed to stick or help customers in the United States.

I’m not sure we should even be surprised by data breaches and ransomware attacks anymore. The fact that most automakers already sell your data to third parties for profit makes your personal information inherently vulnerable, even without criminal ransomware or other cyberattacks being an issue.

We’re likewise concerned about why it took Hyundai so long to notify the 2.7 million customers that are believed to be involved in the latest data breach. Hyundai AutoEver America was aware of the incident by March. Was it simply unaware of the scope of the breach until recently or did its legal team spend the last several months trying to figure out how to tell Hyundai customers that their personal information might have been compromised? Something feels a little off about the timeline.

The automaker is hoping to make amends by offering two years of free identity theft and credit monitoring to impacted customers via Epiq. Hilariously, Epiq also suffered a ransomware attack back in 2020. At the time, the company said it was working with third-party experts and law enforcement to solve the problem.

[Images: Hyundai Motor Group]

Become a TTAC insider. Get the latest news, features, TTAC takes, and everything else that gets to the truth about cars first by subscribing to our newsletter.

#NewsBlog #IndustryNews #Safety #Security #Data #Cybersecurity #CyberAttacks #Hyundai #Genesis #Kia

Matt Posky

Consumer advocate tracking industry trends and regulations. Before joining TTAC, Matt spent a decade working for marketing and research firms based in NYC. Clients included several of the world’s largest automakers, global tire brands, and aftermarket part suppliers. Dissatisfied, he pivoted to writing about cars. Since then, he has become an ardent supporter of the right-to-repair movement, been interviewed about the automotive sector by national broadcasts, participated in a few amateur rallying events, and driven more rental cars than anyone ever should. Handy with a wrench, Matt grew up surrounded by Detroit auto workers and learned to drive by twelve. A contrarian, Matt claims to prefer understeer and motorcycles.

More by Matt Posky

Comments

Join the conversation

3 of 33 comments

Andarris on Nov 11, 2025

In my opinion cyber security is still in middle school and currently on pace to fail 8th grade... I use the absolute minimum in financial products and services, next to fintec whatsoever and and 99% of my online activity is purely hobbies and amusement. The best solution to devolt qgainst it and simply.refuse to buy on terms other than your own but people are too weak for boycots these days so nothing will change and most victims are fully deserving of whatever happens to them in terms of cybercrime.

Like Reply
Bking12762 on Nov 13, 2025

Password is Louvre.

1 Reply
- Slavuta on Nov 13, 2025
  
  I use 'password123' on all accounts. You can verify, if you want. Even MS onepassword has that
  
  Like

Recent Comments

Amwhalbi My 1972 Mercury Capri was my first stick shift car. God, I miss that thing. It was a blast to drive.
Vid169489471 The technology exists today to produce a variable color temperature (kelvin) LED lamp. It can vary from 2700k that soft orange look to 6500k the bright daylight with the bluish tint.Since everything in a late model car is computer controlled, it would be an easy task to write a few lines of code that enables your vehicle to not only dim down from hi to low beam but to shift color temp down to the 2700k range for oncoming traffic, then back up to 5000k once oncoming traffic has passed. For the operator it would be automatic and seamless. For older cars they could be retrofitted with LEDs that are 2700k on low beam and 5000k on hi beam. As far as standards, there could be a lumens max, and a minimum. Several States already have minimum lumen standards going back to the old incandescent bulbs. Why not update these to national standards.
Jam169859557 More regulation is needed for ALL vehicle lighting systems. [list=1][*]The lighting that is most blinding are the rapidly flashing red, blue and amber lights on emergency vehicles. The lights themselves are blinding, flashing so rapidly that it's impossible for even the sharpest eyes to adjust. What's worse, is the nature of the emergency requires a careful view of the area surrounding the emergency vehicle. There is something going on that needs to be seen. More flashing lights is not the solution.[/*][*]Brighter headlights need to be regulated. The tall riding vehicles do not need headlights positioned so high that they blind drivers in lower riding vehicles. And those heasdlights need to be aimed properly. When I first started driving my 2020 Subaru Outback, many drivers would flash their lights, hoping I would dim my lights. This stopped after I performed am easy adjustment that tilted the beam lower. Late model Subaru headlamps are designed with a sharp cutoff that project less glare above the hood line. When the headlights are properly aimed, other drivers are not blinded by the beam.[/*][*]Customized light assemblies make it more difficult to see the marker lights (tail lamps, turn signals and side marker lamps) that have been tinted. There are many municiple codes that prohibit this tinting, but these laws are seldom enforced.[/*][/list=1]Solutions: Tight controls on emergency vehicle lighting. In trying to make these vehicles more visible, a dangerous side effect is reducing the ability of drivers to see the surrounding perils.Headlight design regulations that reduce the height of the headlight assemblies. Just because a pickup truck has a hood that sits 4 feet abouve the pavement, it does not mean the headlights need to be so high. Owneres should maintain proper adjustments to their vehicle headlights.Establish and enforce regulation requiring a illumination standard be followed.
Stl170698708 as someone who hates big government, and their interference;but you can add me to the list of people that are blinded by the lights.unfortunately "the poop is out of the horse and no way is it going back in"They have had 5 years to make lights bigger, badder and brighter because in the vehicle work it is go big or go home!Trucks are the worst because so many people use them to express their dominance and that is big, big, big $$ both at the Original Purchase and in the Aftermarket world.If, we are so lucky to get some good government regulation on this it will also take some very good Court enforcement to get the aftermarket people with fines and lawsuits.Much like the EPA did with the Diesel Tuner Industry that felt emission regulations didn't apply to them.This is from someone that owns said pickup truck with the same bright headlights,but i only use the truck when I have too and always turn off the Fog lights when driving in traffic.
Art65765977 I saw a porsche 911 with the most amazing headlights from behind approaching the Sunshine skyway in Florida. The pattern was 108 degrees across sweeping the road like a broom. My brother and I were amazed. I don't know what it looked like from the front but i am sure it was better than American cars