Hyundai has reported a personal data breach affecting car owners in Italy and France, as well as those who ordered a test drive in these countries. According to numerous posts on social media, as well as a sample letter shared on his blog by Troy Hunt, creator of the Have I Been Pwned leak aggregator, the exposed data included email addresses, postal addresses, phone numbers, and vehicle chassis numbers. Hyundai’s letter clarifies that the hackers were unable to steal financial data and vehicle identification numbers.
The company has already involved IT specialists in the investigation, who have shut down the systems affected by the attack until additional protective measures are introduced. Hyundai also warns customers to be wary of unsolicited emails and SMS messages purporting to be from Hyundai Italia and other Hyundai Group companies, as they could be phishing and social engineering attempts.
At this time, it is not yet known how many customers were affected by the attack, how long the hackers remained on the company’s network, or which other countries may have been impacted.