Advertisement
Both Kia and affiliated automaker Hyundai Motors America, which reported a less severe IT outage it said also began Saturday, said they had no evidence the problems were caused by ransomware. Neither would provide an explanation for what caused them.
In a statement on Thursday, Kia cited “online speculation” that Kia was hit by ransomware, which scrambles data until a victim pays to have it decoded.
“At this time, and based on the best and most current information, we can confirm that we have no evidence that Kia or any Kia data is subject to a ransomware attack,” the company said.
Related Articles
Advertisement
Kia said its UVO app, which offers the “remote start” function, was coming back online Thursday. It would not confirm that the outage delayed vehicle deliveries and maintenance, although Automotive News and The Associated Press spoke to dealers who said it had.
For instance, a Phoenix woman, Amy Horowitch, tweeted to complain that the outage had held up her attempt to lease a Kia vehicle. She told the AP that two salespeople at a Phoenix dealership told her ransomware was to blame. The dealership referred questions to Kia’s corporate office.
Hyundai said a “limited number of customer-facing systems” were impacted and that its Bluelink smartphone app was not affected.
Doppelpaymer is a leading Russian-speaking ransomware gang. It emerged in mid-2019 and has attacked multiple industries and public agencies. Doppelpaymer is one of a number of ransomware syndicates that have increasingly tried to extort victims — from law firms to factories to healthcare providers — by threatening to publish sensitive data.
Ransomware has reached epidemic proportions in the past three years, costing the public and private sector tens of billions of dollars, mostly from lost business and recovery, according to Bill Siegel, CEO of Coveware, which helps victims respond to attacks.