Redazione RHC : 10 November 2025 19:02
HAEA, a subsidiary of South Korean Hyundai Motor Group and headquartered in California, USA, provides customized IT solutions and services for the automotive industry, particularly to Hyundai and Kia subsidiaries.
These solutions include vehicle telematics, over-the-air (OTA) updates, mapping, vehicle connectivity, embedded systems, and autonomous driving systems. The company also provides enterprise systems for automotive plants, including sales and ERP systems, as well as digital manufacturing platforms.
HAEA reported that attackers successfully breached its network on February 22 and maintained unauthorized access to the system for 10 days before being discovered on March 2.
An internal investigation revealed that hackers accessed parts of the user database during this period, potentially leaking Social Security numbers and driver’s license information.
The company has submitted briefings to the attorney general’s offices of several U.S. states.
It’s not yet clear whether the breach affected only employees or customers/users, or how many people were affected. HAEA has announced two years of free credit monitoring for affected vehicle owners and advises users to enable multi-factor authentication and to be wary of phishing emails and unusual account activity.
In recent years, Hyundai has suffered several cybersecurity incidents, including a ransomware attack by Black Basta, which claimed to have breached Hyundai’s European operations and stolen up to 3 TB of data; and security incidents at its Italian and French subsidiaries, which leaked sensitive information such as user email addresses, addresses, and vehicle identification numbers.
Additionally, researchers discovered significant privacy and security vulnerabilities in Hyundai’s companion app for Kia and Hyundai owners, allowing unauthorized remote control of the vehicle. The integrated anti-theft system was also recently proven ineffective.
Redazione
