Hyundai AutoEver America, LLC has formally confirmed a data breach that compromised sensitive customer information through a coordinated cyber attack.
The automotive software provider disclosed the incident via official breach notification letters sent to affected individuals, revealing that attackers gained unauthorized access to names, Social Security numbers, and driver’s license information.
The breach timeline indicates that unauthorized activity began on February 22, 2025, with attackers maintaining access to Hyundai AutoEver’s information technology environment for approximately nine days.
The company discovered the intrusion on March 1, 2025, and immediately launched a comprehensive investigation, supported by external cybersecurity specialists and law enforcement agencies.
The last observed unauthorized activity occurred on March 2, 2025, suggesting the company successfully contained the incident within that window.
Scope of Compromised Data
Hyundai AutoEver’s forensic analysis revealed that the breach exposed a range of sensitive personal data elements, including customer names and government-issued identification numbers.
The notification letters specifically reference Social Security numbers and driver’s license information as compromised data.
However, the company indicated that affected individuals received personalized notices detailing the exact data elements exposed to them, allowing customers to understand their specific risk factors.
The extent of the breach required significant time and resources to analyze forensic information and affected databases.
Hyundai AutoEver coordinated with third-party cybersecurity specialists throughout the investigation to determine the full scope of exposed information and identify all affected individuals who required notification.
Following the discovery of the breach, Hyundai AutoEver immediately terminated the unauthorized third party’s access to affected systems.
The company engaged third-party cybersecurity specialists to assist with comprehensive investigation and remediation efforts while implementing additional security enhancements designed to prevent similar incidents in the future.
To protect affected customers, Hyundai AutoEver arranged complimentary two-year credit monitoring and identity protection services through Epiq Privacy Solutions.
This service includes three-bureau credit monitoring and identity theft protection features at no cost to affected individuals.
Customers have 90 days from the date of their notification letter to activate these services using unique enrollment codes provided by the company.
Security experts recommend that affected customers remain vigilant by regularly reviewing financial account statements and monitoring credit reports for suspicious activity.
The company advises that any discovered fraud or identity theft be reported immediately to financial institutions and relevant authorities.
Affected individuals can place fraud alerts on their credit files by contacting Equifax, Experian, or TransUnion, or establish security freezes to restrict unauthorized access to their credit files.
These preventative measures provide additional layers of protection against potential misuse of exposed personal information.
Cyber Awareness Month Offer: Upskill With 100+ Premium Cybersecurity Courses From EHA's Diamond Membership: Join Today
%20(1).webp?resize=1068,580&ssl=1&description=The automotive software provider disclosed the incident via official breach notification letters sent to affected individuals){kind=link}