A California union and Hyundai Motor Europe both announced separately this week that they had suffered cyberattacks in the past month, resulting in the loss of their data. According to Black Basta, a group that first emerged in 2022 as a double-extortionist group, Hyundai Motor Europe's data has been stolen more than 3TBs. 

The carmaker has not confirmed that it has been infected by ransomware, nor does Black Basta agree with its claims. An attack on the Hyundai Motor Europe division of the South Korean company earlier this year has been confirmed by the division's CEO. 

Hyundai Motor Europe was initially reported to have suffered a cyber-attack in the middle of January, however, Hyundai immediately shot the report down, saying it was simply a matter of IT issues. According to BleepingComputer, who first reported the story on Thursday, the South Korean automaker announced in early January that it was having "IT problems" that it was “working to resolve as soon as possible.” 

This news has been spreading fast since then. In the past week, the media outlet has been informed that Black Basta is connected with the incident and the alleged theft of 3TB of data. Cybernews is unaware of any mention of Hyundai or the stolen data on Black Basta's dark leak website at the moment of publishing, but it is very common for extortion groups to wait until ransom negotiations have firmly broken down to post about their victims. 

A further statement from Hyundai has not yet been released about which systems were compromised in the attack, how much sensitive data may have been accessed, and what was the extent of the damage. According to the Black Basta ransomware gang, Hyundai Motor Europe has been hacked and three terabytes of their data were stolen by the gang. 

There is evidence of a data breach from the threat actors, which was revealed. The gang seems to have stolen data from several departments, including legal, sales, and human resources, among others. In addition to having access to email addresses, physical addresses, phone numbers, and vehicle chassis numbers of affected individuals, threat actors were also able to obtain the information that they needed. 

An unauthorized third party has accessed the customer database of Hyundai Italy, as stated in the data breach letter sent to impacted individuals. To determine the scope of the incident, Hyundai Italy has notified the privacy watchdog and hired cybersecurity experts.

In the evidence provided to Bleeping Computer, the crooks revealed that there was a data breach that occurred in multiple departments of the business, such as legal, sales, and human resources. It was announced in April that Hyundai had suffered yet another data breach which affected Italian and French car owners as well as customers who had booked a test drive with them. 

Among the impacted individuals were people with emails, physical addresses, telephone numbers, and vehicle chassis numbers, which could be used to identify threat actors. An unauthorized third party had access to the database of customers according to a letter sent to the impacted individuals advising them of a data breach.

This incident has been reported to the privacy watchdog in Italy and Hyundai has hired a cybersecurity expert from an external company to determine the extent of the issues. A letter sent by the bank indicated that no financial information had been disclosed. 

The German media reported in December 2019 that suspected members of the Vietnam-linked APT Ocean Lotus (APT32) group had breached the networks of the automakers BMW and Hyundai as part of the hacking campaign. An intrusion was carried out to steal automotive trade secrets from the company.