Pierluigi Paganini
February 09, 2024
BleepingComputer reported that the Car maker Hyundai Motor Europe was breached by the Black Basta ransomware gang. The threat actors claim to have stolen three terabytes of data from the company.
In January the company experienced IT issues, the outage was likely caused by the ransomware attack, but the company did not disclose it. Later Hyundai told BleepingComputer that they suffered a cyberattack, without providing details about the incident.
The carmaker launched an investigation into the incident with the help of external cybersecurity and legal experts. Te company also notified relevant local authorities.
Hyundai Motor Europe only reported the discovery of unauthorized access to a limited part of its network.
BleepingComputer learned that the company suffered a Black Basta ransomware attack in early January.
The crooks provided Bleeping Computer with evidence of the data breach, it seems that the gang stole data from various departments, including legal, sales, and human resources.
In April, Hyundai suffered another data breach that impacted Italian and French car owners and customers who booked a test drive.
Threat actors had access to the email addresses, physical addresses, telephone numbers, and vehicle chassis numbers of the impacted individuals.
The data breach letter sent to the impacted individuals informs them that an unauthorized third party had access to the database of customers. Hyundai Italy has notified the privacy watchdog and hired external cybersecurity experts to determine the scope of the incident.
According to the letter, financial data were not exposed.
In December 2019, German media reported that hackers suspected to be members of the Vietnam-linked APT Ocean Lotus (APT32) group breached the networks of the car manufacturers BMW and Hyundai. The intrusion aimed at stealing automotive trade secrets.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Hyundai)
