Hyundai AutoEver Data Breach Exposes Millions of Vehicle Owners

Hyundai AutoEver Data Breach Exposes Millions of Vehicle Owners

The IT services arm supporting Hyundai, Kia, and Genesis in North America disclosed a data breach that may have exposed sensitive personal information for a large number of customers.

Overview

In late 2025, Hyundai AutoEver America (HAEA) — the IT services division that supports Hyundai, Kia, and Genesis across North America — confirmed it had suffered a large-scale data breach. The company provides connected car systems, dealership IT infrastructure, and backend services for millions of vehicles, making the potential impact significant.

While the exact number of affected individuals is still being investigated, reports suggest that as many as 2.7 million customers could be impacted. The exposed information includes sensitive details such as names, addresses, driver’s license numbers, and Social Security numbers. The company has begun notifying affected individuals and offering two years of complimentary identity protection and credit monitoring.

How it happened

According to the investigation, the breach began around February 22, 2025, when an unauthorized third party gained access to Hyundai AutoEver America’s internal systems. The intrusion reportedly continued until March 2, 2025 before being detected.

The company stated that attackers accessed files containing personal information stored on corporate servers. Although the exact method hasn’t been publicly confirmed, large IT environments are often compromised through stolen credentials or vulnerabilities in enterprise applications. HAEA launched an internal investigation, engaged cybersecurity specialists, notified law enforcement, and implemented additional security measures.

Because Hyundai AutoEver provides technology infrastructure to multiple automotive brands, this incident may touch several customer databases and connected service platforms, raising the likelihood that highly sensitive data across different systems was exposed.

Risks

For affected customers, the consequences can be serious. Leaked data may enable identity theft, allowing criminals to open credit lines, apply for loans, or impersonate individuals. The inclusion of driver’s license and Social Security numbers makes the information especially valuable to fraudsters.

There is also a heightened risk of phishing and social engineering. With accurate personal details on hand, attackers can craft convincing messages that appear to come from Hyundai, Kia, Genesis, or a dealership. Victims might unknowingly share more data or even payment information. Incidents of this scale can erode customer trust and trigger lawsuits and regulatory scrutiny.

Recommendations

Even if you haven’t received an official notice, stay cautious if you own a Hyundai, Kia, or Genesis vehicle. Watch your mailbox and email for instructions about enrolling in complimentary credit monitoring or identity protection.

Monitor bank and card statements plus your credit reports for unfamiliar activity. Report anything suspicious immediately. Consider placing a fraud alert or a credit freeze with the major credit bureaus to make it harder for someone to misuse your data.

Be skeptical of unsolicited emails, texts, or calls that reference your vehicle or service accounts. If in doubt, contact customer support through official channels — avoid clicking links or calling numbers in unexpected messages. Strengthen your online security by using strong, unique passwords and enabling multi-factor authentication on your accounts, including any connected-car apps.