Hyundai AutoEver America is notifying individuals that hackers breached the company's IT environment and gained access to personal information.

The company discovered the intrusion on March 1 but the investigation revealed that the attacker had access to the systems since February 22nd.

Hyundai AutoEver America (HAEA) is an affiliate of Hyundai Motor Group that provides IT consulting, managed services, and helpdesk support for the entire lifecycle of automotive IT from production to retirement.

Its role is to supply IT solutions and services tailored to the automotive industry, particularly for Hyundai and Kia affiliates, including vehicle telematics, OTA (over-the-air) updates, maps, vehicle connectivity, embedded systems, and autonomous driving systems.

The company also provides business systems, including sales and ERP, as well as digital manufacturing platforms for car factories.

According to HAEA’s site, the company has 5,000 employees, 2 million users, and its systems are used in 2.7 million cars.

“On March 1, 2025, HAEA became aware of a cyber incident that impacted our information technology environment,” reads the notification to impacted individuals.

“Upon discovery, we immediately launched an investigation with the support of external cybersecurity experts to assess the scope of the incident, confirm containment, and identify any affected information,” the company says.

“HAEA also worked with law enforcement. Through our investigation, we determined that the unauthorized activity appears to have begun on February 22, 2025, and the last observed unauthorized activity occurred on March 2, 2025.”

Regarding the types of information exposed, the letter sample only mentions names, but the Massachusetts government portal also lists Social Security Numbers (SSNs) and driver’s licenses.

It is unclear if the breach impacts only employees or customers/users as well, and how many people were impacted specifically.

BleepingComputer has contacted both HAEA and its parent company to ask for more details on that front, but a statement wasn’t immediately available.

At the time of writing, no ransomware groups have assumed responsibility for the attack, so the perpetrators remain unknown.

Hyundai has experienced multiple cybersecurity incidents over the past couple of years, including a Black Basta ransomware attack against the Korean carmaker’s European operations arm and a data breach that exposed owner data in Italy and France.

In addition, researchers discovered that the Hyundai companion app for Kia and Hyundai owners had major privacy and security lapses that enabled unauthorized remote car control. Their built-in anti-theft systems have also been recently exposed as ineffective.