Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Kia and Hyundai recovering from days-long network outages

Kia Motors America says it’s restoring services crippled by a computer network outage that began last weekend, apparently affecting dealers’ ability to order vehicles and parts while knocking offline a smartphone app that owners use to remotely start and warm up vehicles

Via AP news wire
Thursday 18 February 2021 22:52 EST
Kia Hyundai IT Outage
Kia Hyundai IT Outage (Copyright 2020 The Associated Press. All rights reserved.)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Kia Motors America says it’s restoring services crippled by a computer network outage that began Saturday and which apparently affected dealers’ ability to order vehicles and parts and knocked offline a smartphone app that owners use to remotely start and warm up vehicles.

Both Kia and affiliated automaker Hyundai Motor America, which reported a less severe IT outage it said also began Saturday, said they had no evidence the problems were caused by ransomware. Neither would provide an explanation for what caused them.

In a statement on Thursday, Kia cited “online speculation” that it was hit by ransomware, which scrambles data until a victim pays to have it decoded. “At this time, and based on the best and most current information, we can confirm that we have no evidence that Kia or any Kia data is subject to a ransomware attack,” the company said.

The cybersecurity news outlet BleepingComputer reported Wednesday that it obtained a note in which the ransomware gang Doppelpaymer was demanding $20 million from Hyundai to decode scrambled data. The report said the gang was threatening to leak online data stolen from Hyundai unless the South Korean automaker paid up.

Kia said its UVO app, which offers the “remote start” function, was coming back online Thursday. It would not confirm that the outage delayed vehicle deliveries and maintenance, although Automotive News and The Associated Press spoke to dealers who said it had.

For instance, a Phoenix woman, Amy Horowitch, tweeted to complain that the outage had held up her attempt to lease a Kia vehicle. She told the AP that two salespeople at a Phoenix dealership told her ransomware was to blame. The dealership referred questions to Kia’s corporate office.

Hyundai said a “limited number of customer-facing systems” were impacted and that its Bluelink smartphone app was not affected.

Doppelpaymer is a leading Russian-speaking ransomware gang. It emerged in mid-2019 and has attacked multiple industries and public agencies. Doppelpaymer is one of a number of ransomware syndicates that have increasingly tried to extort victims — from law firms to factories to healthcare providers — by threatening to publish sensitive data.

Ransomware has reached epidemic proportions in the past three years, costing the public and private sector tens of billions of dollars, mostly from lost business and recovery, according to Bill Siegel, CEO of Coveware, which helps victims respond to attacks.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in