Kia Motors America recently suffered a major IT outage which impacted a number of customer-facing services such as mobile UVO Link apps, owner's portal, phone services, payment systems, and internal sites used by dealerships.
Headquartered in Irvine, California, Kia Motors America assembles a range of cars and SUVs in West Point, Georgia and sells its vehicles through over 750 dealers across the United States. Last weekend, the company was reportedly targeted with a ransomware attack that led to a major outage across its offices and outlets in the United States. While it was reported that the automobile company suffered a DoppelPaymer ransomware attack, it has denied having suffered any such attack.
The nationwide IT outage, however, affected Kia Motors' mobile UVO Link apps, owner's portal, phone services, payment systems, and internal sites used by dealerships. The company alerted its customers about a number of its services being hampered due to the outage and that it was working quickly to restore affected services.
Bleeping Computer reported last week that it had accessed a ransom note that was sent by the DoppelPaymer ransomware gang to Hyundai Motor Group, the parent company of Kia Motors. Via the ransom note, the hackers said they were in possession of a huge amount of data that they had stolen from Kia’s server.
The hackers also told Hyundai that in order to stop the data from getting leaked online, the company needed to make a payment of 404 bitcoins (£16.5 million) on the DoppelPaymer Tor payment site. If the company failed to respond to the hackers, the data will be released in 2-3 weeks. Also, if the ransom isn’t paid within the specified time, the amount can increase up to 600 bitcoins (£24.6 million).
The company has, however, stated categorically that it did not suffer a ransomware attack. "Kia Motors America, Inc. (“Kia”) has been experiencing an extended systems outage since Saturday but can confirm that the UVO app and owner’s portal are now operational. We anticipate remaining primary customer-facing affected systems will continue to come back online within the next 24-48 hours, with our most critical systems first in line," it said in a recent statement.
"We apologize for the inconvenience to affected customers, especially those impacted by winter storms, who felt the outage of our remote start and heating feature most acutely. Kia is wholly focused on fully resolving this issue and would like to thank our customers for their continued patience.
"We are aware of online speculation that Kia is subject to a ransomware attack. At this time, and based on the best and most current information, we can confirm that we have no evidence that Kia or any Kia data is subject to a ransomware attack," it added.
Hyundai Motors America, which is also a subsidiary of the Hyundai Motor Group, also said that a limited number of its customer-facing systems were affected due to an IT outage. "Those systems are in the process of coming back online. We would like to thank our customers for their continued patience. At this time, we can also confirm that we have no evidence of Hyundai Motor America or its data being subject to a ransomware attack," HMA said.