Skip to content

Kia Russia breach exposes 700,000 leads, 120,000 user records

  • by
  • 3 min read

A threat actor has claimed responsibility for leaking sensitive data from Kia Russia, the Russian arm of the global automotive brand. According to the hacker, over 700,000 leads and approximately 120,000 user records have been exposed, with the data allegedly stored in an unencrypted Structured Query Language (SQL) format.

If confirmed, the breach could significantly blow Kia Russia’s security posture, with malicious entities potentially exploiting these records. The compromised data reportedly includes personal information, which, depending on its nature, could put affected individuals at risk of identity theft, fraud, and other cyber threats.

SQL injection and data leaks are recurring issues that plague organisations. These cybersecurity incidents often arise from inadequate database security practices. While the details remain unclear, using SQL format for storing sensitive information raises concerns about Kia Russia’s data storage practices.

Kia Russia has yet to confirm or deny the details of the leak, and it is unclear whether any steps have been taken to address the issue.

In 2024, reports emerged that Kia’s web portal flaw allowed hackers to track and hack the car remotely. Just a year earlier, Hyundai and Kia faced issues when TikTok users began exploiting vulnerabilities in their car theft alarms by posting tutorials on how to steal such vehicles using simple tools such as USB cables. The companies responded by updating the car theft alarm.

Automobile companies collect a lot of personal data. In 2023, the Mozilla Foundation, in the Privacy Not Included report, revealed that 25 major car manufacturers — BMW, Ford, Toyota, Tesla, Kia, and Sabru, among others — collect sensitive data, including sexual activity, facial expressions and even genetic and health information.

It is no surprise that threat actors target automobile companies. The location and contact data of more than 800,000 Volkswagen, Audi, Seat, and Skoda electric vehicle drivers were exposed recently on the internet.

Last year, threat actor 8Base claimed they had stolen a significant cache of files from Volkswagen. However, the company appeared unfazed despite the threat of the data being exposed, asserting that its internal IT system remains unaffected.

In August 2024, Japanese car maker Toyota confirmed a massive breach of about 240 GB by the threat actor ZeroSevenGroup. Toyota disclosed that in 2023, a misconfigured cloud bucket was exposed to unauthorised internet access, putting the data of over two million Japanese users at risk.

In the News: EU Court fines European Commission for breaking own data laws

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>