InfoSecBulletin Cybersecurity for mankind
Hyundai reported a data breach that impacted car owners in Italy and France and people who booked their test drives. The company has warned that hackers accessed customers’ data.
Hyundai owns roughly 3% of the market shares in Italy and France, selling nearly half a million vehicles a year in Europe.
Joint cybersecurity advisory
Botnet infects 260,000 SOHO routers, IP cameras with malware
Chrome 129 Released Fix with multiple Security Flaws
Broadcom fixed RCE bug in VMware vCenter Server
Cybercriminal now misuse Microsoft Azure tool to steal data
Apple warns users to install iOS 18 to Fix 33 iPhone Vulnerabilities
CISA adds windows and whatsUp Gold vuls to its KEV
Petroleum and Fuel Industry
FleetPanda exposes Nearly One Million Documents
DESCO faces cyber attack: Customers Data Breach
Alert! Google Fixes GCP Composer Flaw
CTF in Bangladesh: Unveiling Challenges, Opportunities and remedies
As per Twitter reports, the following data has been exposed.
- Physical addresses
- E-mail addresses
- Telephone numbers
- Vehicle data (Chassis numbers)
The breach notification released by Hyundai also mentioned that the threat actor did not steal any financial data or identification numbers.
Hyundai Italy said, “Our IT investigations confirmed that some of our customer data may indeed have been impacted. Specifically, the data includes contact information (such as emails, addresses and telephone numbers) and vehicle data (such as chassis numbers). Neither financial data nor official identification numbers were affected.”
In addition, Hyundai warned their customers that there might be phishing and social engineering attempts, asking them to be vigilant about any unsolicited emails and SMS text that appears to have originated from Hyundai.
As per Hyundai France’s reports, the exposed data has gone to a certain extent, adding First Name, Last name, DOB, telephone, Customer name, postal address, and chassis number.
“As soon as we were notified of the incident, we immediately launched an investigation and implemented all measures to contain it. We turned to the best cybersecurity specialists and our lawyers to support us in handling the incident.”
“We promptly informed the Guarantor for the Protection of Personal Data and among the various security measures adopted, we blocked the server concerned and permanently removed it from the network. We are continuing to work with our IT teams to ensure our systems maintain a high standard of security.”
Hyundai has indicated that both of their data breaches have been informed to the data protection authorities of Europe. They are working with their cyber security and IT teams to rectify this issue.
At this stage, it cannot be concluded how many customers could be affected by this breach, how long the intrusion lasted, or what counties were affected. Further reports from Hyundai will clarify these questions.
