Everyone’s heard the old line about death and taxes being eternal, but these days, we can certainly add data breaches to the list. Hyundai was recently at the center of another one, as its IT services arm announced that way back in February, it suffered a breach that was initially reported to compromise sensitive personal information.
Hyundai AutoEver America (HAEA), the branch that coordinates connected vehicle data for some 2.7 million Hyundai, Kia, and Genesis vehicles in North America, stated that the nefarious actors’ access lasted from February 22 of this year until March 2, although the notice only emerged on October 30. A mail bulletin offers affected individuals the option to enroll in a “complimentary” credit-monitoring service for two years.
Since the publication of this article on November 10, HAEA has clarified, per a spokesperson, that “approximately 2,000 individuals, primarily current and former Hyundai AutoEver America and Hyundai Motor America employment-related individuals, may have had employment-related data affected by the incident as opposed to general customer and/or connected vehicle data.”
Prior to this, there was concern that Social Security numbers and driver’s license data specifically were breached, based on a report from the Massachusetts Office of Consumer Affairs and Business Regulation spotted by CyberNews. Its Data Breach Report Notification Database was updated earlier this month with mention of the HAEA episode, and that it affected seven residents in the state.
A representative for the automaker told The Drive that “only those who may have been impacted would have received direct notifications that were mailed on or about October 30, 2025.” In other words, if you haven’t gotten a letter, you’re in the clear.
This breach follows two others that recently impacted Hyundai’s European business—one in 2023 and another in 2024. The automaker is now allaying fears that this hack hit a wide swath of customers, and instead was localized mostly to a few thousand employees. Hopefully, that means Hyundai, Kia, or Genesis owners don’t immediately have anything to worry about, though it’s probably wise for them and indeed the rest of us to keep a watchful eye on our financial accounts, given the frequency of stories like this. It is not a safe time for anyone’s private information.
Update November 12, 2025, 11:55 a.m. ET: After publication, Hyundai informed The Drive that it had determined a far smaller number of employees were primarily affected by the data breach, rather than the company’s user base. The article has been updated to reflect this.