Hyundai has confirmed that the personal details of car owners in France and Italy have been compromised. The hacker, who has not yet been identified, was able to breach the database of the South Korean automotive company, exposing the personal information of the owners and the test drive schedules in the affected countries.
Hyundai Claims No Financial Data or ID Numbers Were Stolen
As reported by Bleeping Computer, the hacking attempt made the sensitive information of Hyundai car owners become public. This was first picked up by Troy Hunt, the owner of the website "HaveIBeenPwned." The publicized public information from the Hyundai database was also reported by many individuals on Twitter.
The data breach exposed the private details of vehicle owners, which include e-mail addresses, physical addresses, telephone numbers and vehicle chassis numbers. Following these reports, Hyundai issued a public letter to confirm the data breach incident. However, the automotive company also claimed that the hacker who was able to access their database did not steal financial data or identification numbers.
As of writing, the identity of the hacker has not yet been determined, nor there have been groups taking responsibility for the Hyundai data breach. The number of affected customers is still unknown, and the company also did not reveal if the data breach lasted for a long time. Nonetheless, Hyundai warned their customers to take extra caution when they receive e-mails and SMS messages from entities claiming to be Hyundai representatives, as these could be a phishing or social engineering attempt.
Furthermore, Hyundai said that they have already mobilized their IT experts to address the problem. The affected network systems were taken offline to implement additional safeguards to prevent further attacks.
"Although there is no evidence that the data concerned have been used for fraudulent purposes, out of extreme caution, we invite you to pay particular attention and to verify any contact attempt via e-mail, mail and/or text message that may appear to come from Hyundai Italia or by other entities of the Hyundai Group." Hyundai Italy said in the latter. The same letter was also given to Hyundai customers in France.
Security Researchers Find Vulnerability Which Makes Hyundai Cars Easier to Hack
The latest hacking incident at Hyundai appears to have not affected customers in other countries apart from France and Italy. It is also not clear how the hackers were able to penetrate the company's network security measures, but it is likely due to a vulnerability that the hackers were able to exploit.
Prior to the data breach incident, some security researchers found a software weakness that could make Hyundai cars susceptible to hacking. Not only does this vulnerability make it easier for potential hackers to access the car owners' sensitive data, but it will also allow bad actors to remotely control the car's functions. They can easily unlock the car doors or start the engine by exploiting this weakness, according to ITPro.
Researchers have determined that this software vulnerability affect Hyundai car models released from 2012 onwards. It should be noted, however, that this vulnerability has never been confirmed to be the cause of the recent hacking incidents at Hyundai.